mod_protection 0.0.2 relased

shockzor writes “mod_protection is an apache module that integrates basic function of an IDS
(intrusion detection system) and of a firewall (just an emulation for now).
Your apache administrators have only to install mod_protection and define
rules.
Obviously you see that a normal NIDS can’t check SSL tunneled stuff and that
mod_protection can.
When a malicious client sends a request that matches on your rules the
administrator will be warned and the client gets a user defined page or a error
or something that notifies that now he will be persecuted or …
The warning system just write on a socket, so you can put on the other side
of the socket an application that send you a mail, an SMS, a message in your
favourite IM or a notify in your IRC client, or why not open a message box on
your usual box.”What’s new? 0.0.2 ->

introduction of three new directives:

BlockTime and PairAlert PairAlertMatch.

BlockTime introduce a partial emulation of firewall.

Test with CGI scanner.

A little more documentation.

Rules in an external file.

Changed in GPL because Apache license doesn’t make sense for this module.

DIRECT DOWNLOAD HERE (always avaliable in file archive -> security -> monitoring)”

RELATED ARTICLESMORE FROM AUTHOR

Back to School. Back to Skills. Save 40% Sitewide!

How to Deploy Lightweight Language Models on Embedded Linux with LiteLLM

Automating Compliance Management with UTMStack’s Open Source SIEM & XDR

Using OpenTelemetry and the OTel Collector for Logs, Metrics, and Traces

Xen 4.19 is released

RELATED ARTICLES MORE FROM AUTHOR