SaaSHub helps you find the best software and product alternatives Learn more →
ModSecurity Alternatives
Similar projects and alternatives to ModSecurity
-
SafeLine
SafeLine is a self-hosted WAF(Web Application Firewall) / reverse proxy to protect your web apps from attacks and exploits.
-
InfluxDB
InfluxDB – Built for High-Performance Time Series Workloads. InfluxDB 3 OSS is now GA. Transform, enrich, and act on time series data directly in the database. Automate critical tasks and eliminate the need to move data externally. Download now.
-
-
-
openappsec
open-appsec is an open-source machine learning security engine that preemptively and automatically prevents threats against Web Application & APIs. It is available for NGINX, NGINX Ingress, Envoy (Soon), Kong (Soon), Ambassador (Soon).
-
-
-
-
SaaSHub
SaaSHub - Software Alternatives and Reviews. SaaSHub helps you find the best software and product alternatives
-
-
-
-
-
crowdsec
CrowdSec - the open-source and participative security solution offering crowdsourced protection against malicious IPs and access to the most advanced real-world CTI.
-
wafw00f
WAFW00F allows one to identify and fingerprint Web Application Firewall (WAF) products protecting a website.
-
-
blazehttp
BlazeHTTP 是一款简单易用的 WAF 防护效果测试工具。BlazeHTTP stands as a user-friendly WAF protection efficacy evaluation tool.
-
uuWAF
An industry-leading free, high-performance, AI and semantic technology Web Application Firewall and API Security Gateway (WAAP) - UUSEC WAF.
-
wpscan
WPScan WordPress security scanner. Written for security professionals and blog maintainers to test the security of their WordPress websites. Contact us via [email protected]
-
-
-
-
SaaSHub
SaaSHub - Software Alternatives and Reviews. SaaSHub helps you find the best software and product alternatives
NOTE:
The number of mentions on this list indicates mentions on common posts plus user suggested alternatives.
Hence, a higher number means a better ModSecurity alternative or higher similarity.
ModSecurity discussion
ModSecurity reviews and mentions
Posts with mentions or reviews of ModSecurity.
We have used some of these posts to build our list of alternatives
and similar projects. The last one was on 2024-08-26.
-
Comparison on Six Self-Hosted WAF
Coraza and ModSecurity have a high detection rate, but they are not adapted to reality scenarios, resulting in too many false positives.
-
Top Open-Source WAF Projects: Secure Your Website with the Best Tools
Official GitHub: ModSecurity Stars: 8K
-
Why SafeLine Might Be the Best Free WAF
SafeLine vs ModSecurity
- Recommended free and open-source WAF
- Recommended free and open-source WAF for 2024.
-
Install Modsecurity + OWASP CRS for Nginx Webserver on Centos 7
cd /opt && sudo git clone https://github.com/owasp-modsecurity/ModSecurity.git cd ModSecurity sudo git submodule init sudo git submodule update sudo ./build.sh sudo ./configure sudo make sudo make install
-
Anybody using Crowdsec?
First of all, if you have any experience with Traefik, I'd suggest you to do the reverse proxy stuff with it and install the Crowdsec instance along it. As I didn't have experience using Traefik I went with NPM but now I guess it would have been easier considering the research I had to do... Another reason is, I wanted to implement a geo block and/or another security layer by using ModSecurity (https://github.com/SpiderLabs/ModSecurity ) besides Crowdsec too. Afaik Traefik has a plugin that integrates ModSecurity easily - unless NPM.
-
Has anyone tried this on Blackboard online exams??
I don't know about Blackboard, but Moodle will allow quizzes to be run in popups that block most extensions from working; lockdown browsers will block such extensions; and, if you have access to the server, a modified firewall (e.g., ModSecurity) may\* allow blocking this and similar extensions.
-
Ask HN: What's a good open-source alternative to Cloudflare?
> ModSecurity for WAF: https://github.com/SpiderLabs/ModSecurity
This might be of interest to some: https://www.modsecurity.org/
> Trustwave is announcing the End-of-Life (EOL) of our support for ModSecurity effective July 1, 2024. We will then hand over the maintenance of ModSecurity code back to the open-source community.
Probably not too big of a deal, though.
Also, this might be useful: https://owasp.org/www-project-modsecurity-core-rule-set/
Though there has been some critique of ModSecurity and that ruleset in the past, as something dated and with false positives.
Anyone have any good alternatives?
-
WAF with reverse proxy
Is there a reason no one hasn't made a Docker template for OWASP Coraza (https://github.com/corazawaf/coraza) or ModSecurity (https://github.com/SpiderLabs/ModSecurity) for the use of a reverse proxy?
-
A note from our sponsor - SaaSHub
www.saashub.com | 21 Jun 2025
Stats
Basic ModSecurity repo stats
25
8,923
9.0
10 days ago
owasp-modsecurity/ModSecurity is an open source project licensed under Apache License 2.0 which is an OSI approved license.
The primary programming language of ModSecurity is C++.
Sponsored
InfluxDB – Built for High-Performance Time Series Workloads
InfluxDB 3 OSS is now GA. Transform, enrich, and act on time series data directly in the database. Automate critical tasks and eliminate the need to move data externally. Download now.
www.influxdata.com