ModSecurity is a web application firewall for Apache, IIS ang Nginx. It provides logging, monitoring and filtering features.
5
votes
4answers
1k views
Does default ModSecurity protect enough against XSS?
It's been a few years since I mucked around with modsecurity...
Will simply installing the package with the default rules provide enough validation to prevent any (okay, let's be honest - best we ...
5
votes
3answers
450 views
Evasion techiques for WAFs
Is there any documented techniques for evading Web application firewall for testing WAF rule configurations.
1
vote
1answer
298 views
Wireshark log analyzing
I have the following Wireshark log and I want to categorize the attack. I think it prints the user under apache runs and then prints the system information. From this log can we determine if the ...
