modsecurity free download

Showing 14 open source projects for "modsecurity"

View related business solutions

Gen AI apps are built with MongoDB Atlas
Build gen AI apps with an all-in-one modern database: MongoDB Atlas

MongoDB Atlas provides built-in vector search and a flexible document model so developers can build, scale, and run gen AI apps without stitching together multiple databases. From LLM integration to semantic search, Atlas simplifies your AI architecture—and it’s free to get started.

Start Free
Spidergap: Top Rated 360 Degree Feedback Software
Create and run 360° Feedback assessments that help your employees to take action on personal development.

With an intuitive interface, Spidergap makes it easy to customize feedback assessments, generate clear reports, and guide employees toward impactful growth. But you’re not just getting software—you’re gaining a team of 360° Feedback Experts to support your strategy, planning, and ROI measurement. Whether you’re running large-scale leadership programs or one-off employee reviews, Spidergap ensures feedback leads to real results. With Spidergap, personal development has never been more effective.

Learn More
1

ModSecurity

Cross platform web application firewall (WAF) engine for Apache

...Libmodsecurity is one component of the ModSecurity v3 project. The library codebase serves as an interface to ModSecurity Connectors taking in web traffic and applying traditional ModSecurity processing. In general, it provides the capability to load/interpret rules written in the ModSecurity SecRules format and apply them to HTTP content provided by your application via Connectors.

Downloads: 23 This Week

Last Update: 2025-08-05
See Project
2

ModSecurity Nginx Connector

ModSecurity v3 Nginx Connector

ModSecurity-nginx is the connector that embeds the ModSecurity v3 (libmodsecurity) web application firewall engine into NGINX. It integrates WAF processing into the NGINX request/response phases, allowing rules to inspect headers, bodies, and even streaming request data before it reaches upstream apps. Operators can load the OWASP Core Rule Set or custom rules to detect and block common attacks such as SQLi, XSS, RCE patterns, and protocol anomalies.

Downloads: 0 This Week

Last Update: 2025-09-11
See Project
3

Coraza

OWASP Coraza WAF is a golang modsecurity compatible firewall library

Coraza is an open-source, enterprise-grade, high-performance Web Application Firewall (WAF) ready to protect your beloved applications. It is written in Go, supports ModSecurity SecLang rulesets and is 100% compatible with the OWASP Core Rule Set. Coraza is a drop-in alternative to replace the soon-to-be abandoned Trustwave ModSecurity Engine and supports industry-standard SecLang rule sets. Coraza runs the OWASP Core Rule Set (CRS) to protect your web applications from a wide range of attacks, including the OWASP Top Ten, with a minimum of false alerts. ...

Downloads: 2 This Week

Last Update: 2025-03-20
See Project
4

ngx_waf

Handy, High performance, ModSecurity compatible Nginx firewall module

...The IP detection is a constant-time operation. Most of the remaining inspections use caching to improve performance. Compatible with ModSecurity's rules, you can use OWASP ModSecurity Core Rule Set. Supports verifying Google, Bing, Baidu and Yandex crawlers and allowing them automatically to avoid false positives. Supports three kinds of captchas: hCaptcha, reCAPTCHAv2 and reCAPTCHAv3.

Downloads: 7 This Week

Last Update: 2025-01-25
See Project
The #1 AI-Powered eLearning Platform
For users seeking a platform to generate online courses using AI

Transform your content into engaging eLearning experiences with Coursebox, the #1 AI-powered eLearning authoring tool. Our platform automates the course creation process, allowing you to design a structured course in seconds. Simply make edits, add any missing elements, and your course is ready to go. Whether you want to publish privately, share publicly, sell your course, or export it to your LMS, Coursebox has you covered.

Learn More
5

tengine-rpm

Tengine RPM for almalinux,a dist of Nginx with some advanced features.

...In short, Tengine is a distribution of Nginx with some advanced features.Tengine does not provide official RPM packages, here to provide unofficial optimized compilation and integration of LuaJIT, ModSecurity, geoip2, and other commonly used modules of the Tengine RPM packages, to facilitate the user to quickly install and configure the web server on the target server. This is a rpm package based on the official package https://tengine.taobao.org/download/tengine-3.1.0.tar.gz, which you can install it for free. The almalinux 9.5-based rpm package can also be used for Red Hat Enterprise Linux (RHEL) and its derivatives, such as CentOS Linux and Rocky Linux.

Downloads: 0 This Week

Last Update: 2025-04-06
See Project
6

CacheGuard WAF

Web Application Firewall

...Once installed on a machine, CacheGuard-OS transforms that machine into a network appliance to implement as a link to the internet. CacheGuard-OS is based on a Linux kernel and mainly uses OpenSSL, Apache and ModSecurity and ClamAV. CacheGuard WAF is especially designed to address organization requirements by providing functional and easy to handle Web security solutions.

1 Review

Downloads: 0 This Week

Last Update: 2025-10-18
See Project
7

OpenWAF

Web security protection system based on openresty

...The rule engine mainly analyzes the individual requests, and the behavior analysis engine is mainly responsible for the tracking of the request information. Rule engine inspired by modsecurity and freewaf(lua-resty-waf), the ModSecurity rules will be implemented using lua. The rule engine can be based on the protocol specification, automatic tools, injection attacks, cross site attacks, information leaks and other security exception request, adding support for dynamic rules, timely repair vulnerabilities.

Downloads: 0 This Week

Last Update: 2023-08-02
See Project
8

sWAF

A simple Web Application Firewall docker image

sWAF is a simple Web Application Firewall docker image, pre-configured to be easily used within your web services architecture. It runs NGINX as a dedicated reverse proxy embedding powerful WAF engines: ModSecurity 3, using OWASP® ModSecurity Core Rule Set (CRS) rules, and NAXSI. It uses acme.sh for Let's Encrypt and other free CA support. A lot of people are self-hosting their own cloud infrastructure (using Nextcloud, Synology, QNAP, a cloud lease server or home-made solutions...), but we can never be too much paranoid about web security for a lot of good reasons. ...

Downloads: 0 This Week

Last Update: 2023-08-02
See Project
9

OWASP ModSecurity CRS

OWASP ModSecurity Core Rule Set (CRS) Project

...The project ships with extensive documentation, exclusion packages, and testing tools to help tailor deployment for frameworks, CDNs, and APIs. Deployed on engines such as ModSecurity or compatible WAFs, CRS is a widely used baseline for HTTP security in reverse proxies and gateways.

Downloads: 4 This Week

Last Update: 2025-09-09
See Project
The CI/CD Platform built for Mobile DevOps
For mobile app developers interested in a powerful CI/CD platform for mobile app development and mobile DevOps

Save time, money, and developer frustration with fast, flexible, and scalable mobile CI/CD that just works. Whether you swear by native or would rather go cross-platform, we have you covered. From Swift to Objective-C, Java to Kotlin, as well as Xamarin, Cordova, Ionic, React Native, and Flutter: Whatever you choose, we will automatically configure your initial workflows and have you building in minutes.

Learn More
10

lua-resty-waf

High-performance WAF built on the OpenResty stack

lua-resty-waf is a web application firewall implemented in Lua for OpenResty/NGINX, designed to run inline at the edge with low overhead. It inspects requests and responses during NGINX phases, applying rule logic and anomaly scoring to detect patterns like SQL injection, cross-site scripting, and protocol abuse. Rules are organized into policies with configurable actions—block, log, or allow—and can leverage shared dictionaries for counters, rate limits, and caching decisions. Because it...

Downloads: 1 This Week

Last Update: 2025-09-11
See Project
11

w-o-f

Passive or learning mode of web application firewalls to evaluate WAF

...This talk will demonstrates a new concept to evaluate any WAF without taking risk of putting any WAFs into inline mode.Everything will be in learning or in passive mode.This project describes concept of one special engine,which can be used to evaluate any WAFs with zero risk to the end user (website owner),no matter whether its vendor supports Passive mode or not(i.e. modsecurity or naxsi).

Downloads: 0 This Week

Last Update: 2014-11-10
See Project
12

ModSecurity

ModSecurity is a web application firewall that can work either embedded or as a reverse proxy. It provides protection from a range of attacks against web applications and allows for HTTP traffic monitoring, logging and real-time analysis.

25 Reviews

Downloads: 52 This Week

Last Update: 2017-08-29
See Project
13

SuStorID

...It’s version is experimental, but demonstrates a number of interesting features, that can be readily exploited to detect and act against web attacks. SuStorID can be coupled with modsecurity, the well known web application firewall, to gather training data and provide for real-time counteractions. So, SuStorID is a host-based Intrusion Detection System, and by means of modsecurity can access internal web server’s data (i.e. http request/response fields) exactly as Apache does.

Downloads: 0 This Week

Last Update: 2016-10-13
See Project
14

WeBekci

ModSecurity 2.x managament tool. Generate special rule, show logs, create conf.

Downloads: 0 This Week

Last Update: 2015-07-04
See Project