ModSecurity is a very popular open-source web application Firewall used to protect webservers and websites from vulnerability attacks, exploits, unauthorized access and much more. In this article, we’ll show you how web vulnerability scanners (eg Netsparker), can be used to automatically generate the necessary rules that block all vulnerabilities identified during the scan.
This great feature of automatically generating ModSecurity rules for identified vulnerabilities through Netsparker is available for both Netsparker Cloud and Netsparker Desktop editions, giving all Netsparker users the ability to now create and deploy ModSecurity rules immediately – saving valuable time and accelerating the whole scan-&-patching process considerably.
Figure 1. Generating ModSecurity Rules from Netsparker Vulnerability Scanner
ModSecurity is used by many vendors and webservice providers as it is capable of delivering a number of security services including:
- Full HTTP traffic logging. ModSecurity gives you the ability to log anything you need, including raw transaction data, which is essential for forensics analysis and in-depth tracing.
- Web Application Hardening. Helps fix cross-site request forgery vulnerabilities and enforce security policies with other Apache modules.
- Real-time application security monitoring. ModSecurity provides full access to the HTTP traffic stream along with the ability to inspect and action against attacks.
- Becomes a powerful exploit prevention tool when paired with web server and web application vulnerability scanners such as Netsparker.
Netsparker has made available full details on how to use their web application scanner (desktop and cloud-based version) to successfully generate ModSecurity rules that will help identify and block existing vulnerabilities in web applications and web servers.
To read more continue to the following link: Generate ModSecurity Web Application Firewall Rules from Scanners