ModSecurity
Open source WAF for Nginx and Apache
ModSecurity is the leading open source WAF. Runs as a module for Nginx (via libmodsecurity) and Apache. OWASP Core Rule Set included. Self-hosted on any server.
Pros
- Free and open source
- OWASP Core Rule Set included
- Runs on any Nginx or Apache server
Cons
- Complex to tune — many false positives by default
- Requires WAF expertise
Best For
Security engineers who want a free self-hosted WAF they fully control on their Nginx or Apache servers
Pricing
Free Forever
- Core features included
Compare with alternatives:
Reviews (0)
No reviews yet. Be the first to share your experience!
Articles about ModSecurity
Alternatives to ModSecurity
Sucuri
Website firewall and malware cleanup service
AWS WAF
Amazon WAF integrated with CloudFront and ALB
Hetzner DDoS Protection
Hardware-backed DDoS mitigation for high-traffic infrastructure
Gcore
Global CDN with 150+ PoPs including Russia and CIS
Radware
Behavioral DDoS mitigation with machine learning
F5 BIG-IP
Enterprise application delivery controller
Stay in the loop
Get weekly updates on the best new AI tools, deals, and comparisons.
No spam. Unsubscribe anytime.