ModSecurity™ is a web application firewall engine that provides very little protection on its own. In order to become useful, ModSecurity™ must be configured with rules. In order to enable users to take full advantage of ModSecurity™ out of the box, Trustwave's SpiderLabs is providing a free certified rule set for ModSecurity™ 2.x. Unlike intrusion detection and prevention systems, which rely on signatures specific to known vulnerabilities, the Core Rules provide generic protection from unknown vulnerabilities often found in web applications, which are in most cases custom coded. The Core Rules are heavily commented to allow it to be used as a step-by-step deployment guide for ModSecurity™.

Core Rules Content

In order to provide generic web applications protection, the Core Rules use the following techniques:

HTTP Protection - detecting violations of the HTTP protocol and a locally defined usage policy.
Real-time Blacklist Lookups - utilizes 3rd Party IP Reputation
Web-based Malware Detection - identifies malicious web content by check against the Google Safe Browsing API.
HTTP Denial of Service Protections - defense against HTTP Flooding and Slow HTTP DoS Attacks.
Common Web Attacks Protection - detecting common web application security attack.
Automation Detection - Detecting bots, crawlers, scanners and other surface malicious activity.
Integration with AV Scanning for File Uploads - detects malicious files uploaded through the web application.
Tracking Sensitive Data - Tracks Credit Card usage and blocks leakages.
Trojan Protection - Detecting access to Trojans horses.
Identification of Application Defects - alerts on application misconfigurations.
Error Detection and Hiding - Disguising error messages sent by the server.

This extension embeds the Google's V8 Javascript Engine into PHP.

Enterprise Content Management System, Version 4.5 (Long Term Support)

Enterprise Content Management System, Version 4.6

Enterprise Content Management System, Version 4.7

TYPO3 FLOW is a web application platform enabling developers creating excell ent web solutions and bring back the joy of coding.

It gives you fast results. It is a reliable foundation for complex applications. And it is backed by one of the biggest PHP communities.

TYPO3 FLOW is not a pick'n'mix store of motley components. It's a framework which helps you with the infrastructure of your application. Object Lifecycle Management, Package Management, Resource Management and Security are on it's home field. Real business logic is left to custom packages.

Whenever possible, TYPO3 FLOW analyzes your code for choosing the right configuration for you. Clear conventions and an intuitive API let you concentrate on the essential parts of your application. After all you want to write PHP and not XML, YAML, INI, don't you?

Well-proven concepts from various frameworks, applications and programming languages were considered for the design of TYPO3 FLOW. Techniques like Dependency Injection and Aspect-Oriented Programming open up new ways of developing PHP applications. But instead of just copying other solutions, the concepts have been carefully adapted to fit the "TYPO3 FLOW feeling".

TYPO3 FLOW was created as the foundation of the next generation TYPO3 CMS. Applications based on TYPO3 FLOW can be used as a plugin in TYPO3 or serve as standalone solutions, completely independent from the CMS. By using TYPO3 FLOW as an application platform, you get a CMS on top!

Instance manager for Typo3 on SuSE Linux

HTTrack is a free (GPL, libre/free software) and easy-to-use offline browser utility.

It allows you to download a World Wide Web site from the Internet to a local directory, building recursively all directories, getting HTML, images, and other files from the server to your computer. HTTrack arranges the original site's relative link-structure. Simply open a page of the "mirrored" website in your browser, and you can browse the site from link to link, as if you were viewing it online. HTTrack can also update an existing mirrored site, and resume interrupted downloads. HTTrack is fully configurable, and has an integrated help system.

ModSecurity™ is a web application firewall engine that provides very little protection on its own. In order to become useful, ModSecurity™ must be configured with rules. In order to enable users to take full advantage of ModSecurity™ out of the box, Trustwave's SpiderLabs is providing a free certified rule set for ModSecurity™ 2.x. Unlike intrusion detection and prevention systems, which rely on signatures specific to known vulnerabilities, the Core Rules provide generic protection from unknown vulnerabilities often found in web applications, which are in most cases custom coded. The Core Rules are heavily commented to allow it to be used as a step-by-step deployment guide for ModSecurity™.

Core Rules Content

In order to provide generic web applications protection, the Core Rules use the following techniques:

HTTP Protection - detecting violations of the HTTP protocol and a locally defined usage policy.
Real-time Blacklist Lookups - utilizes 3rd Party IP Reputation
Web-based Malware Detection - identifies malicious web content by check against the Google Safe Browsing API.
HTTP Denial of Service Protections - defense against HTTP Flooding and Slow HTTP DoS Attacks.
Common Web Attacks Protection - detecting common web application security attack.
Automation Detection - Detecting bots, crawlers, scanners and other surface malicious activity.
Integration with AV Scanning for File Uploads - detects malicious files uploaded through the web application.
Tracking Sensitive Data - Tracks Credit Card usage and blocks leakages.
Trojan Protection - Detecting access to Trojans horses.
Identification of Application Defects - alerts on application misconfigurations.
Error Detection and Hiding - Disguising error messages sent by the server.

TYPO3 FLOW is a web application platform enabling developers creating excell ent web solutions and bring back the joy of coding.

It gives you fast results. It is a reliable foundation for complex applications. And it is backed by one of the biggest PHP communities.

TYPO3 FLOW is not a pick'n'mix store of motley components. It's a framework which helps you with the infrastructure of your application. Object Lifecycle Management, Package Management, Resource Management and Security are on it's home field. Real business logic is left to custom packages.

Whenever possible, TYPO3 FLOW analyzes your code for choosing the right configuration for you. Clear conventions and an intuitive API let you concentrate on the essential parts of your application. After all you want to write PHP and not XML, YAML, INI, don't you?

Well-proven concepts from various frameworks, applications and programming languages were considered for the design of TYPO3 FLOW. Techniques like Dependency Injection and Aspect-Oriented Programming open up new ways of developing PHP applications. But instead of just copying other solutions, the concepts have been carefully adapted to fit the "TYPO3 FLOW feeling".

TYPO3 FLOW was created as the foundation of the next generation TYPO3 CMS. Applications based on TYPO3 FLOW can be used as a plugin in TYPO3 or serve as standalone solutions, completely independent from the CMS. By using TYPO3 FLOW as an application platform, you get a CMS on top!

Instance manager for Typo3 on SuSE Linux