 |
Homepage
Projects
Secfilter
Sécurité.Org
|
| Secfilter |
The goal of this project is to provide some kind of content security to protect loosly developed Web applications. The main idea is to permit web forms field specification in the HTML page, so we can verify that the data submitted match the specification (type and size). The incorrect fields are removed from the request so the Web application only gets 'clean' queries.
Apache::Secfilter is a test implementation to try out a few ideas. It may be implemented as an application (written in C ?) later on.
Secfilter 0.1alpha is out.
Secfilter is an Apache module that will protect your Web Server.
It can be installed on your Apache Web Server or setup as a reverse proxy.
This module will sign the web pages before passing them to the client, and will verify and clean the requests before forwarding to your web server.
The current signature method is sh*t, as I am only using a basic MD5. Next version should fix that.
Please consult the man page for detailled information.
This software is released under the GNU Public License.
|
|
| Download Section |
Secfilter 0.1alpha
|
|
|
|
