ModSecurity for Java - Help Page

ModSecurity is an open source intrusion detection and prevention engine for web applications. It can also be called an web application firewall. It operates embedded into the web server, acting as a powerful umbrella, shielding applications from attacks.

ModSecurity for Java is designed as a Java Servlet Filter which makes use of ModSecurity's native code using the JNI technology.

Installation

First you need to choose whether to install the latest version of ModSecurity directly from github.com/SpiderLabs/ModSecurity or using pre-compiled binaries from modsecurity.org. We will not discuss how to compile the native libraries needed since these steps are described in the README files from ModSecurity's repository. The native libraries (.so, .dll, etc.) needed for ModSecurity for Java are:

1. zlib1
2. libxml2
3. pcre
4. libapr-1
5. libapriconv-1
6. libaprutil-1
7. ModSecurityJNI

These libraries are loaded by the ModSecurityLoader.jar, which should be placed in your Java server library loader (for example, in Tomcat 7: $CATALINA_HOME/lib). You can build/modify load directory the ModSecurityLoader from /mod_security/java/ModSecurityLoader/src/. The libraries have to be copied in a directory (for example, c:\work\mod_security\java\libs\), which should be accessible to ModSecurityLoader.jar.