AWS WAF
Web Application Firewall that protects web applications and APIs from common exploits and attacks by defining security rules
Open-Source Projects
Discover top open-source software, updated regularly with real-world adoption signals.
Discover top open-source software, updated regularly with real-world adoption signals.
High-performance, language-agnostic security engine for web traffic
Libmodsecurity is a C/C++ library that parses ModSecurity SecRules, applies them to HTTP requests via pluggable connectors, delivering faster, Apache-free web application firewall capabilities across platforms.
Libmodsecurity is the core library of the ModSecurity v3 project, offering a language‑agnostic engine that parses SecRule files and evaluates HTTP traffic. It is aimed at developers and security engineers who need a programmable web‑application firewall that can be embedded into any server environment.
The library provides both C and C++ APIs with identical feature sets, allowing applications to load rule sets from files or URIs, process connections, and trigger interventions. By removing all Apache dependencies, it delivers higher throughput and a modular architecture where separate connector projects (e.g., ModSecurity‑nginx) handle the web‑server interface. Optional components such as libinjection and curl enable advanced operators like @detectXSS, @detectSQL, and remote rule fetching. Comprehensive unit and regression tests, along with SonarCloud quality badges, ensure reliability. Documentation is generated via Doxygen, giving developers ready‑to‑use examples and API references.
When teams consider ModSecurity, these hosted platforms usually appear on the same shortlist.
Web Application Firewall that protects web applications and APIs from common exploits and attacks by defining security rules
Cloud-native WAF service that protects web apps from common attacks (SQL injection, XSS) by filtering malicious HTTP/S traffic
Unified threat management and endpoint security
Looking for a hosted option? These are the services engineering teams benchmark against before choosing open source.
Integrate WAF into a custom C++ microservice
Real-time request inspection using SecRules without an external web server module
Add ModSecurity protection to Nginx
Leverage the ModSecurity-nginx connector to enforce rule sets at the edge
Implement custom logging for security events
Use the C++ API to plug in a JSON logger that meets compliance needs
Deploy rule updates from a remote repository
Utilize SecRemoteRules directive (with curl) to fetch and apply new policies automatically
No, the library has no Apache dependencies; connectors handle web-server integration.
Both C and C++ interfaces are provided, offering identical functionality.
Each server (e.g., Nginx, IIS) has its own connector repository, allowing independent release cycles.
libinjection for @detectXSS/@detectSQL and curl for SecRemoteRules; missing them disables those features.
Run Doxygen with the supplied configuration to generate HTML docs from the code comments.
Project at a glance
ActiveLast synced 4 days ago