ModSecurity WAF Rules Report

Acunetix 360 scans your system to identify vulnerabilities that may have a critical or high severity level. If you cannot fix these vulnerabilities immediately, attackers can exploit them and take control of your website. Acunetix 360 helps prevent attackers from exploiting these vulnerable URLs in your system by allowing you to export rules for ModSecurity Web Application Firewall (WAF).

By generating Acunetix 360’s findings as ModSecurity WAF Rules:

• You can immediately block requests to a resource if the requests contain malicious payloads that would exploit it
• Developers gain time in fixing these vulnerable points
• Your system remains secure until a fix is found and patched

Please note that you cannot cover all security flaws by blocking access to a specific resource using a web application firewall. For example, application source code disclosure cannot be exported as a ModSecurity WAF rule.

For further information, see Overview of Reports, Report Templates, Built-In Reports, and Web Application Firewalls.

How to Generate a ModSecurity WAF Rules Report in Acunetix 360

1. Log in to Acunetix 360.
2. From the main menu, click Scans, then Recent Scans. The Recent Scans window is displayed.

3. Next to the relevant report, click Report. The Scan Summary window is displayed.

4. Click Export. The Export Report dialog is displayed.

5. From the Report dropdown, select ModSecurity WAF Rules.
6. From the Format dropdown, select an option.
7. Click Export. You can view the exported rules in the Save location.