Configuring webserver security made easy - Well, not yet, but that’s the plan…

Christian Folini announced the public release of REMO, a project to build a graphical rule editor for ModSecurity with a positive/whitelist approach.

Short list of features:

• Ruby on rails application with ajax use
• Enter http requests, display them, edit them, delete them, rearrange them
• Edit the http headers of the requests
• Edit the query string parameters
• Edit the cookie parameters
• Edit the post payload arguments
• Every argument can be optional or mandatory
• The response to every argument failure can be configured specially including http status code and optional redirect location
• Argument names can contain regular expressions themselves
• Default value domains for all arguments. So you do not have to edit a regular expression for every parameter. Just select a predefined value.
• Generate positive ModSecurity2 ruleset
• Import ModSecurity audit-logs
• Check requests in the audit-log against the ruleset in development to find out wether it will work in practice