• Table of Contents
• ModSecurity® Reference Manual
• Current as of v2.6 v2.7 v2.8 v2.9 v3.0
• Copyright © 2004-2022 Trustwave Holdings, Inc.
• Table of Contents
• Introduction
• HTTP Traffic Logging
• Real-Time Monitoring and Attack Detection
• Attack Prevention and Virtual Patching
• Flexible Rule Engine
• Embedded-mode Deployment
• Network-based Deployment
• Portability
• Licensing
• Installation for Apache
• Prerequisites
• ModSecurity 2.x works only with Apache 2.0.x or higher
• mod_uniqueid
• libapr and libapr-util
• libpcre
• libxml2
• liblua v5.x.x
• libcurl v7.15.1 or higher
• Installation Methods
• GitHub Access
• Stable Release Download
• Installation Steps
• UNIX
• Windows (MS VC++ 8)
• Edit the main Apache httpd config file (usually httpd.conf)
• Configure ModSecurity
• Start Apache httpd
• Installation for NGINX
• Installation for Microsoft IIS
• Manually Installing and Troubleshooting Setup of ModSecurity Module on IIS
• Configuration
• Common Problems
• Configuration Directives
• Processing Phases
• Variables
• Transformation Functions
• Actions
• Operators
• Macro Expansion
• Persistent Storage
• Miscellaneous Topics
• Logging in Apache via mod_log_config
• Precedence of ModSecurity over other Apache modules
• A Recommended Base Configuration
• Impedance Mismatch
• Impedance Mismatch with PHP Apps