ModSecurity

ModSecurity is an open source, cross platform web application firewall (WAF) engine for Apache, IIS and Nginx. It has a robust event-based programming language which provides protection from a range of attacks against web applications and allows for HTTP traffic monitoring, logging and real-time analysis. (by owasp-modsecurity)

ModSecurity Alternatives

Similar projects and alternatives to ModSecurity

  1. SafeLine

    SafeLine is a self-hosted WAF(Web Application Firewall) / reverse proxy to protect your web apps from attacks and exploits.

  2. InfluxDB

    InfluxDB – Built for High-Performance Time Series Workloads. InfluxDB 3 OSS is now GA. Transform, enrich, and act on time series data directly in the database. Automate critical tasks and eliminate the need to move data externally. Download now.

    InfluxDB logo
  3. core

    143 ModSecurity VS core

    Online IDE powered by Visual Studio Code ⚡️ (by stackblitz)

  4. workerd

    The JavaScript / Wasm runtime that powers Cloudflare Workers

  5. openappsec

    open-appsec is an open-source machine learning security engine that preemptively and automatically prevents threats against Web Application & APIs. It is available for NGINX, NGINX Ingress, Envoy (Soon), Kong (Soon), Ambassador (Soon).

  6. BunkerWeb

    🛡️ Open-source and next-generation Web Application Firewall (WAF)

  7. torrent

    Full-featured BitTorrent client package and utilities

  8. coraza

    OWASP Coraza WAF is a golang modsecurity compatible web application firewall library

  9. SaaSHub

    SaaSHub - Software Alternatives and Reviews. SaaSHub helps you find the best software and product alternatives

    SaaSHub logo
  10. coreruleset

    OWASP CRS (Official Repository)

  11. ModSecurity-nginx

    ModSecurity v3 Nginx Connector

  12. hub

    13 ModSecurity VS hub

    Main repository for crowdsec scenarios/parsers (by crowdsecurity)

  13. naxsi

    Discontinued NAXSI is an open-source, high performance, low rules maintenance WAF for NGINX

  14. crowdsec

    CrowdSec - the open-source and participative security solution offering crowdsourced protection against malicious IPs and access to the most advanced real-world CTI.

  15. wafw00f

    5 ModSecurity VS wafw00f

    WAFW00F allows one to identify and fingerprint Web Application Firewall (WAF) products protecting a website.

  16. lua-resty-waf

    High-performance WAF built on the OpenResty stack

  17. blazehttp

    BlazeHTTP 是一款简单易用的 WAF 防护效果测试工具。BlazeHTTP stands as a user-friendly WAF protection efficacy evaluation tool.

  18. uuWAF

    An industry-leading free, high-performance, AI and semantic technology Web Application Firewall and API Security Gateway (WAAP) - UUSEC WAF.

  19. wpscan

    WPScan WordPress security scanner. Written for security professionals and blog maintainers to test the security of their WordPress websites. Contact us via [email protected]

  20. aaWAF

    堡塔云WAF,宝塔免费(free)的私有云网站应用防火墙(firewall),基于docker/nginx/lua开发

  21. modsecurity-spoa

    HAProxy agent for ModSecurity web application firewall

  22. lua-resty-limit-traffic

    Lua library for limiting and controlling traffic in OpenResty/ngx_lua

  23. SaaSHub

    SaaSHub - Software Alternatives and Reviews. SaaSHub helps you find the best software and product alternatives

    SaaSHub logo
NOTE: The number of mentions on this list indicates mentions on common posts plus user suggested alternatives. Hence, a higher number means a better ModSecurity alternative or higher similarity.

ModSecurity discussion

Log in or Post with

ModSecurity reviews and mentions

Posts with mentions or reviews of ModSecurity. We have used some of these posts to build our list of alternatives and similar projects. The last one was on 2024-08-26.
  • Comparison on Six Self-Hosted WAF
    3 projects | dev.to | 26 Aug 2024
    Coraza and ModSecurity have a high detection rate, but they are not adapted to reality scenarios, resulting in too many false positives.
  • Top Open-Source WAF Projects: Secure Your Website with the Best Tools
    6 projects | dev.to | 19 Aug 2024
    Official GitHub: ModSecurity Stars: 8K
  • Why SafeLine Might Be the Best Free WAF
    6 projects | dev.to | 12 Aug 2024
    SafeLine vs ModSecurity
  • Recommended free and open-source WAF
    2 projects | dev.to | 24 Jul 2024
  • Recommended free and open-source WAF for 2024.
    6 projects | dev.to | 19 Jul 2024
  • Install Modsecurity + OWASP CRS for Nginx Webserver on Centos 7
    2 projects | dev.to | 27 May 2024
    cd /opt && sudo git clone https://github.com/owasp-modsecurity/ModSecurity.git cd ModSecurity sudo git submodule init sudo git submodule update sudo ./build.sh sudo ./configure sudo make sudo make install
  • Anybody using Crowdsec?
    1 project | /r/unRAID | 4 Mar 2023
    First of all, if you have any experience with Traefik, I'd suggest you to do the reverse proxy stuff with it and install the Crowdsec instance along it. As I didn't have experience using Traefik I went with NPM but now I guess it would have been easier considering the research I had to do... Another reason is, I wanted to implement a geo block and/or another security layer by using ModSecurity (https://github.com/SpiderLabs/ModSecurity ) besides Crowdsec too. Afaik Traefik has a plugin that integrates ModSecurity easily - unless NPM.
  • Has anyone tried this on Blackboard online exams??
    1 project | /r/Professors | 21 Feb 2023
    I don't know about Blackboard, but Moodle will allow quizzes to be run in popups that block most extensions from working; lockdown browsers will block such extensions; and, if you have access to the server, a modified firewall (e.g., ModSecurity) may\* allow blocking this and similar extensions.
  • Ask HN: What's a good open-source alternative to Cloudflare?
    9 projects | news.ycombinator.com | 14 Feb 2023
    > ModSecurity for WAF: https://github.com/SpiderLabs/ModSecurity

    This might be of interest to some: https://www.modsecurity.org/

    > Trustwave is announcing the End-of-Life (EOL) of our support for ModSecurity effective July 1, 2024. We will then hand over the maintenance of ModSecurity code back to the open-source community.

    Probably not too big of a deal, though.

    Also, this might be useful: https://owasp.org/www-project-modsecurity-core-rule-set/

    Though there has been some critique of ModSecurity and that ruleset in the past, as something dated and with false positives.

    Anyone have any good alternatives?

  • WAF with reverse proxy
    2 projects | /r/unRAID | 9 Feb 2023
    Is there a reason no one hasn't made a Docker template for OWASP Coraza (https://github.com/corazawaf/coraza) or ModSecurity (https://github.com/SpiderLabs/ModSecurity) for the use of a reverse proxy?
  • A note from our sponsor - SaaSHub
    www.saashub.com | 21 Jun 2025
    SaaSHub helps you find the best software and product alternatives Learn more →

Stats

Basic ModSecurity repo stats
25
8,923
9.0
10 days ago

Sponsored
InfluxDB – Built for High-Performance Time Series Workloads
InfluxDB 3 OSS is now GA. Transform, enrich, and act on time series data directly in the database. Automate critical tasks and eliminate the need to move data externally. Download now.
www.influxdata.com

Did you know that C++ is
the 7th most popular programming language
based on number of references?