← HeatShield Docs

What Is ModSecurity?

ModSecurity is the world's most popular Web Application Firewall (WAF). A WAF is a system that analyzes HTTP requests against various rules to determine if the request is malicious.

ModSecurity is the engine that performs request and rule processing. ModSecurity is only the engine, it does not provide its own set of rules. For WAF rules, most ModSecurity implementations use the popular and well-tested OWASP ModSecurity Core Rule Set.

Both of these tools, ModSecurity and the OWASP ModSecurity Core Rule Set, are open-source which has allowed them to become industry standards and form the basis for many commercial WAF offerings. For example, ModSecurity and the OWASP ModSecurity Core Rule Set are not only used by HeatShield but are also used by CDNs such as Cloudflare to provide their commercial WAF service.

Advanced security for your WordPress sites