From c1c86416b4dfeacb4b3ad48dd125ce0e2a50d5b4 Mon Sep 17 00:00:00 2001 From: Max Chadwick Date: Thu, 1 Dec 2016 21:00:49 -0500 Subject: [PATCH] Fix a typo --- Reference-Manual.mediawiki | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/Reference-Manual.mediawiki b/Reference-Manual.mediawiki index 15cf4b0..db4d156 100644 --- a/Reference-Manual.mediawiki +++ b/Reference-Manual.mediawiki @@ -15,7 +15,7 @@ In addition to providing logging facilities, ModSecurity can monitor the HTTP tr == Attack Prevention and Virtual Patching == ModSecurity can also act immediately to prevent attacks from reaching your web applications. There are three commonly used approaches: #Negative security model. A negative security model monitors requests for anomalies, unusual behaviour, and common web application attacks. It keeps anomaly scores for each request, IP addresses, application sessions, and user accounts. Requests with high anomaly scores are either logged or rejected altogether. -#Positive security model. When a positive security model is deployed, only requests that are known to be valid are accepted, with everything else rejected. This model requires knownledge of the web applications you are protecting. Therefore a positive security model works best with applications that are heavily used but rarely updated so that maintenance of the model is minimized. +#Positive security model. When a positive security model is deployed, only requests that are known to be valid are accepted, with everything else rejected. This model requires knowledge of the web applications you are protecting. Therefore a positive security model works best with applications that are heavily used but rarely updated so that maintenance of the model is minimized. #Known weaknesses and vulnerabilities. Its rule language makes ModSecurity an ideal external patching tool. External patching (sometimes referred to as Virtual Patching) is about reducing the window of opportunity. Time needed to patch application vulnerabilities often runs to weeks in many organisations. With ModSecurity, applications can be patched from the outside, without touching the application source code (and even without any access to it), making your systems secure until a proper patch is applied to the application. == Flexible Rule Engine ==