Awesome

modsecurity

A Rust-interface to the ModSecurity library.

If you're looking for low-level FFI bindings to libmodsecurity, check out modsecurity-sys.

Example

Block requests with admin in the path

use modsecurity::{ModSecurity, Rules};

let ms = ModSecurity::default();

let mut rules = Rules::new();
rules.add_plain(r#"
    SecRuleEngine On

    SecRule REQUEST_URI "@rx admin" "id:1,phase:1,deny,status:401"
"#).expect("Failed to add rules");

let mut transaction = ms
    .transaction_builder()
    .with_rules(&rules)
    .build()
    .expect("Error building transaction");

transaction.process_uri("http://example.com/admin", "GET", "1.1").expect("Error processing URI");
transaction.process_request_headers().expect("Error processing request headers");

let intervention = transaction.intervention().expect("Expected intervention");

assert_eq!(intervention.status(), 401);

More examples can be found in the examples directory.

Documentation

Information regarding the ModSecurity language can be found in the ModSecurity Reference Manual.

Documentation for this crate can be found on docs.rs.

Requirements

This crate requires libmodsecurity >= 3.0.6 to be installed on your system.

License

Licensed under either of

• Apache License, Version 2.0, (LICENSE-APACHE or https://www.apache.org/licenses/LICENSE-2.0)
• MIT license (LICENSE-MIT or https://opensource.org/licenses/MIT)

at your option.

Contribution

Unless you explicitly state otherwise, any contribution intentionally submitted for inclusion in the work by you, as defined in the Apache-2.0 license, shall be dual licensed as above, without any additional terms or conditions.