This new architecture, version 3.0, moves the core functionality into a stand‑alone engine ( libmodsecurity), and interfaces with NGINX Plus through an optimized connector. The NGINX ModSecurity WAF module for NGINX Plus is based on a major rewrite of the legacy, Apache‑based 2.9 release. It is one of the most well‑known, battle‑tested, and trusted names in web application security. Initially released in 2002, it is now used used by more than one million websites globally, including some of the world’s busiest e-commerce and financial applications. ModSecurity, like NGINX Open Source, is available as open source software. The NGINX ModSecurity WAF module plugs into NGINX Plus to help protect applications from security threats SQLi, LFI, and XSS together accounted for 95% of known web application attacks in Q4 2016, according to Akamai. It detects and stops a broad range of attacks – such as SQL injection (SQLi), local file inclusion (LFI), and cross‑site scripting (XSS) – from reaching your applications. We’re pleased to announce general availability of NGINX ModSecurity WAF for production use as a top‑quality, NGINX‑supported WAF. NGINX ModSecurity WAFĪ web application firewall (WAF) is a widely used solution for improving web application security. Successful attacks can also cascade, causing outages and disruptions to customers who depend on applications that have been attacked. Successful attacks are disruptive to business, causing outages, loss of sensitive data, and system takeover by attackers. According to the Q4 2016 State of the Internet / Security Report from Akamai, there were 350 million attacks against web application attacks in that quarter alone. More than ever before, organizations need all the help they can get with web application security.
0 Comments
Leave a Reply. |