ModSecurity
ModSecurity: ModSecurity is a web application firewall (WAF). With over 70% of attacks now carried out over the web application level, organisations need all the help they can get in making their systems secure. WAFs are deployed to establish an increased external security layer to detect and/or prevent attacks before they reach web applications. ModSecurity provides protection from a range of attacks against web applications and allows for HTTP traffic monitoring and real-time analysis with little or no changes to existing infrastructure. SecRule: The main configuration directive used to create ModSecurity rules is called SecRule. Syntax: SecRule Target Operator [Actions] 1. find out difference and write sample http request for below : Get /login.php?username="megala"&password="pass" http/1.1 Server : nginx Date: Cookies:jkjdgiwdkbsjsn Submit="submit" (name = value) ARGS args: return the argumen...