New WAF tool -REMO- the graphical rule editor for ModSecurity

New WAF tool -REMO- the graphical rule editor for ModSecurity

Configuring webserver security made easy – Well, not yet, but that’s the plan…

Christian Folini announced the public release of REMO, a project to build a graphical rule editor for ModSecurity with a positive/whitelist approach.

Short list of features:

  • Ruby on rails application with ajax use
  • Enter http requests, display them, edit them, delete them, rearrange them
  • Edit the http headers of the requests
  • Edit the query string parameters
  • Edit the cookie parameters
  • Edit the post payload arguments
  • Every argument can be optional or mandatory
  • The response to every argument failure can be configured specially including http status code and optional redirect location
  • Argument names can contain regular expressions themselves
  • Default value domains for all arguments. So you do not have to edit a regular expression for every parameter. Just select a predefined value.
  • Generate positive ModSecurity2 ruleset
  • Import ModSecurity audit-logs
  • Check requests in the audit-log against the ruleset in development to find out wether it will work in practice

New WAF tool -REMO- the graphical rule editor for ModSecurity

I invite you to visit REMO website and give it a shot. Combined with the powerfull mod_security apache module, this might well be a viable Web Application Firewall solution for most of the websites.

 



Thank you for reading this post. You can now Leave A Comment (0) or Leave A Trackback. Print This Post Print This Post


Subscribe without commenting


Leave a Reply

Note: Any comments are permitted only because the site owner is letting you post, and any comments will be removed for any reason at the absolute discretion of the site owner.

CommentLuv badge