Projects / remo

remo

Remo is a graphical rule editor for ModSecurity, an Apache security module. ModSecurity is quite difficult to configure successfully. Modsecurity.org advertises a tested core ruleset granting you protection from most known attacks, but this is only blocks traffic known to be dangerous, when it is more effective to block everything not known to be safe. Remo is meant to assist in the difficult task of writing the rules that would correctly describe the requests that are valid for an application.

Tags
Licenses
Operating Systems
Implementation

Recent releases

  •  06 Jun 2007 12:38

    Release Notes: This first beta release brings the ability to import ModSecurity audit-logs and match them against the ruleset in the edit-area of Remo. This lets you check if the ruleset which you are developing will work with your online application in practice.

    •  10 Apr 2007 14:57

      Release Notes: This release includes a group of predefined standard regular expressions that make editing of requests a lot easier. The responses to every argument failure can be configured specially, including HTTP status code and optional redirect location. Argument names can now contain regular expressions themselves in order to map tabular forms with dynamic content in remo.

      •  14 Mar 2007 17:16

        Release Notes: Support for query string arguments and cookies. Every request argument can now be optional or mandatory. With this, Remo can qualify basic HTTP requests completely: method, path, query string parameters, headers, post payload parameters, and cookies.

        •  02 Mar 2007 18:17

          Release Notes: The GUI has support for POST arguments, and generates a rule for a single request (generate button next to the request path). The rule generator has support for POST arguments.

          •  22 Feb 2007 13:45

            Release Notes: New features in the GUI include support for HTTP headers in the remo edit window, a customizable list of default headers and default value domains, in-place editing for all supported request properties (method, path and headers), and labels for toolset buttons. Detailarea has been removed. New features in the rule generator include strict checking of headers in the generated ModSecurity ruleset, and a per request rule-group in the ruleset using the LocationMatch directive.

            Screenshot

            Project Spotlight

            OpenStack4j

            A Fluent OpenStack client API for Java.

            Screenshot

            Project Spotlight

            TurnKey TWiki Appliance

            A TWiki appliance that is easy to use and lightweight.