We are excited to announce the integration of ModSecurity into SVR.JS, enhancing the security of your web applications with a robust Web Application Firewall (WAF). ModSecurity is an open-source, cross-platform WAF engine renowned for its comprehensive HTTP traffic monitoring and real-time analysis capabilities.
Understanding the need for a WAF
Web applications are constantly exposed to various threats, including SQL injection, cross-site scripting (XSS), and other malicious attacks. A WAF serves as a protective barrier, filtering, monitoring, and blocking harmful HTTP/S traffic between the web application and the internet. By implementing a WAF, you add an essential layer of defense to safeguard your applications from unauthorized access and data breaches.
Key features of ModSecurity integration
The ModSecurity integration introduces several configurable properties within SVR.JS:
- modSecurityRulesPath (String) - specifies the path to the ModSecurity configuration file, essential for proper integration. Relative paths are resolved from the SVR.JS installation root.
- maxRequestCheckedSize (Number) - defines the maximum size (in bytes) of the request body to be inspected. The default is 65536 (64 KiB).
- maxRequestCheckedSizeStrict (Boolean) - enables strict request body limits. If the request body exceeds the specified size, the server responds with a 413 Content Too Large error. The default is false.
- maxResponseCheckedSize (Number) - sets the maximum size (in bytes) of the response body to be inspected. A value of 0 disables response body checking. The default is 65536 (64 KiB).
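The three size properties decide how much of each message body the WAF engine actually sees, and the strict flag is what separates "refuse the oversized request" from "let it through". The following added example (not SVR.JS code and not the modsecurity binding's API; the function names are ours) models that decision so the limits can be chosen deliberately for a deployment. It assumes that in non-strict mode only the first maxRequestCheckedSize bytes are handed to the engine and the remainder of the body is passed on uninspected; the page only states the strict-mode behaviour, so treat that assumption as such.

```javascript
// Added example: models the inspection limits set by maxRequestCheckedSize,
// maxRequestCheckedSizeStrict and maxResponseCheckedSize. Not SVR.JS's own
// code; the planning functions and their result shapes are assumptions.
const DEFAULTS = Object.freeze({
  maxRequestCheckedSize: 65536,       // 64 KiB (documented default)
  maxRequestCheckedSizeStrict: false, // documented default
  maxResponseCheckedSize: 65536,      // 64 KiB; 0 disables response checks
});

// Decide what happens to a request body of `bodyLength` bytes.
function planRequestBodyCheck(bodyLength, config = {}) {
  const cfg = { ...DEFAULTS, ...config };
  if (bodyLength <= cfg.maxRequestCheckedSize) {
    return { action: "inspect", inspectedBytes: bodyLength, passedUninspectedBytes: 0 };
  }
  if (cfg.maxRequestCheckedSizeStrict) {
    // Strict mode (documented): oversized body is refused with 413 Content Too Large.
    return { action: "reject", status: 413, inspectedBytes: 0, passedUninspectedBytes: 0 };
  }
  // Non-strict mode (assumed): only the prefix reaches the engine, the rest passes.
  return {
    action: "inspect-prefix",
    inspectedBytes: cfg.maxRequestCheckedSize,
    passedUninspectedBytes: bodyLength - cfg.maxRequestCheckedSize,
  };
}

// Decide whether and how much of a response body of `bodyLength` bytes is inspected.
function planResponseBodyCheck(bodyLength, config = {}) {
  const cfg = { ...DEFAULTS, ...config };
  if (cfg.maxResponseCheckedSize === 0) {
    return { action: "skip", inspectedBytes: 0 };
  }
  return { action: "inspect", inspectedBytes: Math.min(bodyLength, cfg.maxResponseCheckedSize) };
}

// Fraction of observed request-body bytes that would pass the WAF without
// inspection under `config`. `samples` is a list of body sizes in bytes.
function uninspectedRatio(samples, config = {}) {
  let total = 0;
  let uninspected = 0;
  for (const size of samples) {
    total += size;
    uninspected += planRequestBodyCheck(size, config).passedUninspectedBytes;
  }
  return total === 0 ? 0 : uninspected / total;
}

// Constructed sample: a JSON API whose bodies are small, plus one 1 MiB upload.
const SAMPLE_BODY_SIZES = [512, 2048, 4096, 65536, 1048576];

console.log("defaults, uninspected ratio:", uninspectedRatio(SAMPLE_BODY_SIZES).toFixed(3));
console.log("strict, uninspected ratio:",
  uninspectedRatio(SAMPLE_BODY_SIZES, { maxRequestCheckedSizeStrict: true }).toFixed(3));
console.log("1 MiB upload, strict:", planRequestBodyCheck(1048576, { maxRequestCheckedSizeStrict: true }));
```

With the defaults, the single large upload in the sample dominates the byte count and most of it is never seen by the engine; with maxRequestCheckedSizeStrict set to true that request is refused instead. For an API whose legitimate bodies are known to be small, the strict setting closes that gap at no cost; for an upload endpoint, raise maxRequestCheckedSize to cover the expected body size rather than leaving the default in place.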
Installation requirements
To utilize this integration, you need to install the external modsecurity npm package, which provides Node.js bindings to libmodsecurity. Before installing, ensure that ModSecurity 3 and its development libraries are present on your system. Installation commands and further details are available on the modsecurity npm package page.
Enhancing security with OWASP Core Rule Set
For comprehensive protection, we recommend installing the OWASP Core Rule Set (CRS). The CRS provides a set of generic attack detection rules for use with ModSecurity, aiming to protect web applications from a wide range of attacks, including the OWASP Top Ten.
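Since modSecurityRulesPath points at a single ModSecurity configuration file, that file is where the CRS gets pulled in. The following is an added example of such a file; it is not shipped with SVR.JS or with the CRS, and the Include paths and the audit log location are assumptions about where the rule set was unpacked on the host.

```apache
# Added example ModSecurity configuration for use as modSecurityRulesPath.
# Start in DetectionOnly so CRS matches are logged but not enforced; switch to
# "On" once the audit log shows no false positives on legitimate traffic.
SecRuleEngine DetectionOnly

# Request bodies must be buffered for the CRS injection rules to see them.
SecRequestBodyAccess On

# Response inspection also needs a non-zero maxResponseCheckedSize in SVR.JS.
SecResponseBodyAccess On
SecResponseBodyMimeType text/plain text/html text/xml application/json

# Log only transactions that matched a rule or produced an error status.
SecAuditEngine RelevantOnly
SecAuditLogRelevantStatus "^(?:5|4(?!04))"
# Assumed path; pick one the SVR.JS process can write to.
SecAuditLog /var/log/modsecurity/audit.log

# CRS: copy crs-setup.conf.example to crs-setup.conf and tune it (paranoia
# level, anomaly thresholds), then load the rule files. Paths are assumptions.
Include /opt/coreruleset/crs-setup.conf
Include /opt/coreruleset/rules/*.conf
```

Roll the rule set out in two steps: run with SecRuleEngine DetectionOnly long enough to review the audit log for false positives on real traffic, add exclusions for those, and only then set SecRuleEngine On so that matches are actually blocked.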
Comparison with Easy-WAF integration
While SVR.JS also supports the easy-waf integration, it's important to note the distinctions:
- ModSecurity integration - offers a mature and widely adopted WAF solution with extensive community support and a comprehensive set of features.
- Easy-WAF integration - provides an easy-to-use WAF for Node.js applications, suitable for developers seeking straightforward implementation. However, it is noted as more of an educational tool than a professional security solution.
Important security notice
While integrating a WAF like ModSecurity significantly enhances your application's security posture, it is not a substitute for secure coding practices. Attackers may find ways to bypass WAF protections; therefore, always validate and sanitize user inputs and adhere to security best practices in your development process.
We encourage you to integrate ModSecurity into your SVR.JS applications to bolster security and protect against prevalent web threats.