This practice shows how to install and configure mod_security. mod_security is an Apache module that provides intrusion detection and prevention for web applications. It aims at shielding web applications from known and unknown attacks, such as SQL injection attacks, cross-site scripting, path traversal attacks, etc.
ModSecurity can be deployed and integrated in our current Web Servers infrastructure, meaning that we do not have to modify our internal Network, we don’t add any point of failure, we can benefit from load balancing and scalability and we would not have any issues with compress or encrypted Data. ModSecurity is a valuable security tool and have proven to be effective. If we want to protect our web applications this is a tool the deserves your attention.
