During the setup of the box which is slated to replace the current one running this site, I noticed that mod_security had been finally added into the ports tree.

If you’re unfamilliar with what it is, its essentially an Apache module which helps to prevent web application attacks such as Cross-Site Scripting (XSS), SQL Injection, etc. More about mod_security?

Looks like its support for SQL injection in the default config file is pretty weak. I’ve already crossed the bridge of writing 10 billion regular expressions to capture common SQL Injection attacks, so looks like I’ll have to convert them to the config file format for mod_security, and post them. I’ll provide a follow-up post once I get around to that.