Clone this wiki locally
Table of Contents
Add the ability to modify both inbound/outbound data
Improve the handling of IP Address and Network Blocks
Ability to sanitize only matched portions of data
Make sure that we do not block requests when in DetectionOnly mode
Add the ability to dynamically update the variable/target list
Add the ability to parse the returned IP resolution to identify the specific block lists
Add the ability to verify SSN data
Added SecDisableBackendCompression to handle inspection of compressed response body content
Add performance metrics/variables
- Added the PERF_ family of performance variables
- Write more/better examples.
- Enhance ModSecurity internals documentation.
- Better document the different modes of operation.
Introduce decoding and validating of various character sets.
- Making ModSecurity able to work with web servers other than Apache.
- Release IIS, SunOne, Java versions of ModSecurity.
ModSecurity works well when you know exactly what you want to do. We want to expand what it's capable of so it can help in situations where manual configuration is not an option. Configuration reload without restart.
- We want to make it possible for others to contribute new functionality to ModSecurity without having to learn everything about its internals.
- Define data formats, which will allow related products to build on top of what ModSecurity already provides.
- Scripting. Improve performance of the scripting implementation (Lua) and further integrate scripting into the engine.
- Rule writing in C, for when you need that extra bit of flexibility and performance.
Add the ability to inspect data at an Apache connection filter level (without buffering)
- Better reverse proxy deployment documentation.
- Embedded deployment is just one option.
- Coupled with Apache configured in reverse proxy mode, ModSecurity turns into a network-based web application firewall.
- Best practices and cookbook-style documentation.
- We understand better documentation is needed to make full use of ModSecurity.