ModSecurity is an open source, cross platform web application firewall (WAF) engine for Apache, IIS and Nginx that is developed by Trustwave's SpiderLabs. It has a robust event-based programming language which provides protection from a range of attacks against web applications and allows for HTTP traffic monitoring, logging and real-time analysis. With over 10,000 deployments world-wide, ModSecurity is the most widely deployed WAF in existence.
Modsecurity has been extended to work with IIS and they even include an MSI installer in their releases. https://github.com/SpiderLabs/ModSecurity
AWS SQL Injection (?)
1 project | reddit.com/r/netsecstudents | 9 Mar 2021
XSS: What it is, how it works, and how to prevent it
1 project | dev.to | 18 Jan 2021
How to implement WAF on Kong Ingress controller? (like ModSecurity v3)
3 projects | reddit.com/r/kubernetes | 4 May 2021
An actual secure selfhosted Reverse Proxy with cool stats?
3 projects | reddit.com/r/selfhosted | 19 Nov 2021
HowTo: WAF with NAXSI for Plex
1 project | reddit.com/r/PleX | 5 Jan 2022