InfluxDB 3 OSS is now GA. Transform, enrich, and act on time series data directly in the database. Automate critical tasks and eliminate the need to move data externally. Download now. Learn more →
ModSecurity Alternatives
Similar projects and alternatives to ModSecurity
-
SafeLine
SafeLine is a self-hosted WAF(Web Application Firewall) / reverse proxy to protect your web apps from attacks and exploits.
-
JetBrains
Tell us how you use coding tools. You may win a prize! Are you a developer or a data analyst? Share your thoughts about your coding tools in our short survey and get a chance to win prizes!
-
-
-
openappsec
open-appsec is an open-source machine learning security engine that preemptively and automatically prevents threats against Web Application & APIs. It is available for NGINX, NGINX Ingress, Envoy (Soon), Kong (Soon), Ambassador (Soon).
-
-
-
-
InfluxDB
InfluxDB – Built for High-Performance Time Series Workloads. InfluxDB 3 OSS is now GA. Transform, enrich, and act on time series data directly in the database. Automate critical tasks and eliminate the need to move data externally. Download now.
-
-
-
-
-
crowdsec
CrowdSec - the open-source and participative security solution offering crowdsourced protection against malicious IPs and access to the most advanced real-world CTI.
-
wafw00f
WAFW00F allows one to identify and fingerprint Web Application Firewall (WAF) products protecting a website.
-
-
uusec-waf
Industry-leading free, high-performance, AI and semantic technology Web Application Firewall and API Security Gateway (WAAP) - UUSEC WAF.
-
blazehttp
BlazeHTTP 是一款简单易用的 WAF 防护效果测试工具。BlazeHTTP stands as a user-friendly WAF protection efficacy evaluation tool.
-
wpscan
WPScan WordPress security scanner. Written for security professionals and blog maintainers to test the security of their WordPress websites. Contact us via [email protected]
-
-
-
-
Sevalla
Deploy and host your apps and databases, now with $50 credit! Sevalla is the PaaS you have been looking for! Advanced deployment pipelines, usage-based pricing, preview apps, templates, human support by developers, and much more!
NOTE:
The number of mentions on this list indicates mentions on common posts plus user suggested alternatives.
Hence, a higher number means a better ModSecurity alternative or higher similarity.
ModSecurity discussion
ModSecurity reviews and mentions
Posts with mentions or reviews of ModSecurity.
We have used some of these posts to build our list of alternatives
and similar projects. The last one was on 2024-08-26.
-
Comparison on Six Self-Hosted WAF
Coraza and ModSecurity have a high detection rate, but they are not adapted to reality scenarios, resulting in too many false positives.
-
Top Open-Source WAF Projects: Secure Your Website with the Best Tools
Official GitHub: ModSecurity Stars: 8K
-
Why SafeLine Might Be the Best Free WAF
SafeLine vs ModSecurity
- Recommended free and open-source WAF
- Recommended free and open-source WAF for 2024.
-
Install Modsecurity + OWASP CRS for Nginx Webserver on Centos 7
cd /opt && sudo git clone https://github.com/owasp-modsecurity/ModSecurity.git cd ModSecurity sudo git submodule init sudo git submodule update sudo ./build.sh sudo ./configure sudo make sudo make install
-
Anybody using Crowdsec?
First of all, if you have any experience with Traefik, I'd suggest you to do the reverse proxy stuff with it and install the Crowdsec instance along it. As I didn't have experience using Traefik I went with NPM but now I guess it would have been easier considering the research I had to do... Another reason is, I wanted to implement a geo block and/or another security layer by using ModSecurity (https://github.com/SpiderLabs/ModSecurity ) besides Crowdsec too. Afaik Traefik has a plugin that integrates ModSecurity easily - unless NPM.
-
Has anyone tried this on Blackboard online exams??
I don't know about Blackboard, but Moodle will allow quizzes to be run in popups that block most extensions from working; lockdown browsers will block such extensions; and, if you have access to the server, a modified firewall (e.g., ModSecurity) may\* allow blocking this and similar extensions.
-
Ask HN: What's a good open-source alternative to Cloudflare?
> ModSecurity for WAF: https://github.com/SpiderLabs/ModSecurity
This might be of interest to some: https://www.modsecurity.org/
> Trustwave is announcing the End-of-Life (EOL) of our support for ModSecurity effective July 1, 2024. We will then hand over the maintenance of ModSecurity code back to the open-source community.
Probably not too big of a deal, though.
Also, this might be useful: https://owasp.org/www-project-modsecurity-core-rule-set/
Though there has been some critique of ModSecurity and that ruleset in the past, as something dated and with false positives.
Anyone have any good alternatives?
-
WAF with reverse proxy
Is there a reason no one hasn't made a Docker template for OWASP Coraza (https://github.com/corazawaf/coraza) or ModSecurity (https://github.com/SpiderLabs/ModSecurity) for the use of a reverse proxy?
-
A note from our sponsor - InfluxDB
www.influxdata.com | 1 Sep 2025
Stats
Basic ModSecurity repo stats
25
9,112
9.0
19 days ago
owasp-modsecurity/ModSecurity is an open source project licensed under Apache License 2.0 which is an OSI approved license.
The primary programming language of ModSecurity is C++.
Sponsored
Tell us how you use coding tools. You may win a prize!
Are you a developer or a data analyst? Share your thoughts about your coding tools in our short survey and get a chance to win prizes!
surveys.jetbrains.com