Enhancing Web Application Security with WAF Mod Security and Abuse IPDB Integration

Enhancing Web Application Security with WAF Mod Security and Abuse IPDB Integration

Published by : http://www.ijert.org

International Journal of Engineering Research & Technology (IJERT)

ISSN: 2278-0181

Volume 13, Issue 03 March 2024

Reddyvari Venkateswara Reddy, Borra Karunakar, Borra Jaithra, Annapureddy Ajay Associate Professor, Department of CSE (Cybersecurity), CMR College of Engineering & Technology, Hyderabad, Telangana State, India.

B. Tech Students, Department of CSE (Cybersecurity), CMR College of Engineering & Technology, Hyderabad, Telangana State, India.

AbstractDuring times when web applications are at an ever- higher chance of facing cyber threats, the incorporation of notable safety measures is critical to preventing data leaks and other unforeseen downtimes. The paper below is focused on the combined use of WAF ModSecurity and the Software Module of Abuse Intrusion Detection System, which makes the web application security strong. The integration includes the picture of real-time threat intelligence provided by AbuseIPDB and, with the use of WAF ModSecurity, enhances the detention and mitigation processes. The main body of the abstract gives an ultimate step-by- step look at how to integrate a WAF ModSecurity with AbuseIPDB, which includes the installation and configuration of ModSecurity as well as the authentication and querying of AbuseIPDB's API. The document outlines a use-case example, which involves the details of syntax, including the rules engine, API key authentication, and evaluation of abuseIPDB responses to undertake specific actions bearing in mind malicious activities. Moreover, this abstract calls for an end-to-end monitoring system while logging data and feedback loops to improve security solutions accordingly.

KeywordsWeb Application Security, WAF (Web Application Firewall), ModSecurity, AbuseIPDB, Integration, Cybersecurity, Threat Detection, Incident Response, Malicious IP Addresses, API Integration, Attack Mitigation, Blacklisting, Security Posture, Scalability, Performance Metrics, Threat Intelligence, Real-time Protection, Vulnerability Management, Risk Mitigation, Automation, OWASP Core Rule Set.

1 INTRODUCTION

In the current digital environment, web applications are booming convenience and scale of operations, they are also the main theme for cyber threats and insecure attacks. The array of attack vectors is wide and is comprised of injection attacks, XSS, or cross-site scripting, and distributed denial- of-service (DDoS) attacks. Meanwhile, the spectrum of vulnerabilities facing web applications is endlessly diverse and ever-evolving. With the growing number of business organizations increasingly transacting over the web, it has become essential to have a secured application and integrity as well.

To counteract the evolving danger sharpness, organizations have resorted to different security mechanisms combined with many technologies to prevent their web applications from getting attacked. A single such technology is the Web Application Firewall (WAF), which has acquired wide fervor recently. WAFs are positioned as intermediaries, performing inspection of inbound HTTP requests and subsequently filtering out the harmful traffic before it is relatively addressed to the application. Providing for thorough scrutiny of the requests content and context, WAFs are now able to detect a plethora of attacks and eliminate them, such as SQL injection, cross-site scripting, and brute force attacks. Among a wide variety of WAF solutions, ModSecurity is a pretty popular and widely employed WAF that is free and open source. Trustwave, the company behind it, produced ModSecurity, a strong and versatile WAF module that can be smoothly incorporated into web servers in this regard, such as Apache and Nginx. The full-fledged rule set one can choose from ModSecurity, along with its customizable configuration options, offers organizations the necessary

control to well-equip these security policies as per their particular needs and demands.

IJERTV13IS030034

(This work is licensed under a Creative Commons Attribution 4.0 International License.)

1.1 The Nature and Substance of Web Application Security

Before going into the details of WAF ModSecurity and AbuseIPDB integration, it will be vital to understand the broader view of web application security efforts and the challenges enterprises face in securing their online resources. Web apps have turned out to be among the essential tools for businesses in almost all industries, letting them interact with customers, run transactions, and render services with higher speed and efficiency than before. While this overuse of web applications opens the door to the organization for security risks and vulnerabilities, it also provides a way forward for organizations to effectively reduce their vulnerabilities to such cyber-attacks.

Problems in web application protection is its high complexity in a dynamically growing web ecosystem. A multitude of web technologies and frameworks have been used in developing web applications, so their complexity has grown exponentially, making the task of identifying security- vulnerable areas quite a difficult one.

The threat landscape for securing web applications is also dynamic, and this is made worse by the new techniques that emerging malicious attackers capitalize on to achieve their objectives. The perpetrators perpetually have a thrust and continue to scout for vulnerabilities in web applications and software code, the ones that they exploit by leveraging misconfiguration, weak authentication mechanisms, etc. to bring inability or interruption in operations. There is no limit to the caliber of the opponents aiming to compromise the security of web applications to the extent of having automated bots for a highly advanced cyber group.

2 LITERATURE REVIEW

Web Application Firewalls: ModSecurity Overview This article talks almost about ModSecurity, a web application firewall (WAF) that secures web applications against overt threats in particular frameworks.It covers the plan, highlights, and sending options of ModSecurity. Ampleness of ModSecurity in expecting SQL mixture ambushes This survey examines whether ModSecurity can recognize and maintain a strategic distance from SQL mixture attacks. The consideration focuses on supplying an sympathetic of the qualities and obstacles of ModSecurity in directing this common chance to web applications.

This article compares ModSecurity with commercial WAF courses of action in relations of survey execution, ease of use, and practicality in maintaining a strategic distance from web application attacks. It gives information on ModSecurity's qualities and deficiencies compared to commercial competitors.

ModSecurity runs the appear set optimization strategies. This study examines how to optimize ModSecurity by running the appearance sets for prevalent execution and less unfaithful positives. It joins strategies such as run-the-appear solidifying, standard expression optimization, and

irregularity disclosure to make ModSecurity executions more profitable.

ModSecurity Execution Best Sharpens: This overview analyzes how ModSecurity execution best sharpens different organizational settings, giving useful information studies. An exploratory examination of setup methods, approach organization methods, and integration considerations to optimize the reasonability of ModSecurity courses of action. By considering distinctive components specific to individual organizational settings, this overview focuses on providing a commonsene heading for organizations seeking to move forward with their ModSecurity capabilities.

ModSecurity in Cloud Circumstances: Challenges and Opportunities This composing overview looks at the challenges and openings related to actualizing ModSecurity in cloud circumstances. It addresses distinctive issues such as versatility, multi-tenancy, and integration with cloud-based security organizations. This overview gives beneficial information for organizations considering a WAF course of action in a cloud course of action.

ModSecurity for API Security: Utilization Method Review Centering on API security, this study looks at utilization strategies for utilizing ModSecurity to secure web APIs. It joins methods for securing API endpoints, directing confirmation and authorization, and calming common API vulnerabilities.

Machine learning procedures for creating ModSecurity rules: Ponder: This ponder examines machine learning procedures for normally creating ModSecurity rules. It consolidates methods such as coordinated learning, peculiarity revelation, and characteristic tongue planning execution and adequacy of WAF run the appearance sets.

Scalable Sending Structures for ModSecurity: A Review This review surveys a flexible course of action model for ModSecurity in high-traffic circumstances. It joins methods such as stack altering, clustering, and bundling to guarantee perfect execution and the unflinching quality of WAF organizations.

"ModSecurity Logging and Checking: Gadgets and Best Sharpeners" Centering on logging and watching, this review recognizes the driving methodologies and gadgets for collecting and analyzing ModSecurity log collection. It talks about the centrality of log organization in effectively recognizing and responding to security scenes.

Managing ModSecurity Rules: Challenges and Solutions Tending to the challenges of ruleset organization, this review consolidates methods and gadgets for reasonably managing ModSecurity rulesets. It looks at adjustment control, runs the appear customization, and runs the appear lifecycle organization sharpens to optimize the WAF course of action.

"ModSecurity Evasion Strategies: A Review of Defense Rebellious" This article overviews the evasion strategies

utilized to upset ModSecurity securities and investigates defense disobedient to decrease evasion endeavors.It covers approaches such as irregularity disclosure, tradition endorsement, and heuristic examination to progress WAF flexibility.

3 METHODOLOGY

In our progressing commitment to brace our advanced framework against advancing cyber security dangers, we are actualizing ModSecurity WAF as an foundation of our defense procedure.

After a picky examination of accessible courses of activity, ModSecurity risen as the clear choice, standing at the biting the dust edge as the best-in-class open-source web application firewall.

ModSecurity recognizes itself through its strong and enthusiastic risk region capabilities, guaranteeing a comprehensive shield against a swarm of cyber risks centered on web applications.

Figure 1. Flow Chart

Standout highlights of ModSecurity is its user-friendly interface, which engages security staff with ordinary controls and real-time permeability of potential risks.

Figure 2. DVWA configuration

The testing of the firewall has been done on a platform called DVWA(Damn Vulnerable Web Application).

Apache2 Configuration

The Apache HTTP server, sometimes called Apache, Configuration involves making changes to server settings to control Apache2's behavior in several areas, such as serving web content, handling requests, and managing domain security.

The main Apache2 configuration file is located by default in

/etc/apache2/apache2.conf.

These formation files are typically symlinked from their original location in the /etc/apache2/sites-available/ directory to the /etc/apache2/sites-enabled/ directory to enable them.

Figure 3. Apache2 Configuration

Damn Vulnerable Web Application (DVWA)

Damn Vulnerable Web Application (DVWA) is a purposefully vulnerable web application designed for educational. DVWA was founded by security experts to give professionals, students.

DVWA allows users to practice security issue identification, exploitation, and mitigation in a controlled environment. With every security level that the software offersfrom low to highusers are placed in more difficult situations. Users may test vulnerabilities like SQL injection, cross-site scripting (XSS), command injection, and more by engaging with DVWA.

Figure 4. DVWA Application

4 COMMON SECURITY RISKS IN WEB APPLICATIONS

Applications are powerless against different security dangers that might result in compromised information and unapproved get to to wrong data. Several common security dangers that web apps have to be bargain with are as follows:

• Broken Get to Control:

  This helplessness happens when an aggressor circumvents the get-to-control instruments application, in this manner giving them unapproved access to pivotal areas of the computer program.

• Botches in Cryptography:

  A small sum of cryptography utilized can result in information altering, spillage, and unauthorized get to individual information.

• Assaults Based on Infusion:

  Implantation ambushes can cause undesirable get-to and information breaches by controlling online application input to run noxious scripts or informational. Illustrations of such ambushes incorporate cross-site scripting (XSS) and SQL blending.

• Insecure Design: Data breaches because of possible inherent security weaknesses.

  • Security Misconfiguration: When web servers, frameworks, and other components are configured incorrectly, vulnerabilities may arise that hackers

    might take advantage of to obtain unauthorized access or carry out destructive actions.

    1. IMPORTANCE OF WEB APPLICATION SECURITY

       There are several reasons why secure online apps are necessary.

       1. Trust and Reputation: Web application security creating and maintaining a positive reputation. Users who prioritize data security are more likely to interact.

       2. Legal and Compliance Standards: In many firms, data protection is governed by certain legal and compliance standards. Inadequate web application security protocols may lead to fines and legal consequences.

    2. Modsecurity's Benefits For WAF

       Utilizing WAF For online application security, ModSecurity has a number of advantages.

• Preventing renowned vulnerabilities: WAF ModSecurity employs a set of security guidelines to recognize and stop frequent web application flaws, hence decreasing the likelihood of successful assaults.

• Threat detection in real-time: WAF ModSecurity uses rule-based analysis and constant traffic monitoring to spot attacks in real time.

• Efficient attack detection: WAF ModSecurity employs many techniques, including anomaly detection, pattern matching, and IP reputation checks, to precisely identify and thwart malevolent activities.

• Flexible security rules: Administrators may design and modify security rules using WAF ModSecurity to meet the particular needs of their online apps.

  1. How can AbuseIPDB may Improve Web Application Security

     The following benefits may be obtained by including AbuseIPDB into web application security measures:

• IP reputation checks: AbuseIPDB makes it possible for businesses to do IP reputation checks instantly. Unusual traffic can be immediately stopped by cross-referencing incoming connections with reported abusive IP addresses.

• Community-driven intelligence: The extensive database of AbuseIPDB is constructed using user reports. Organizations may profit from and contribute to the community's shared intelligence in idenifying malicious IP addresses by integrating AbuseIPDB.

• Effective threat response: A framework for reporting abusive IPs is offered by AbuseIPDB. Organizations may aid in the worldwide battle against cybercrime and defend other online applications from similar assaults by exchanging information about emerging dangers.

  1. Steps for Integrating AbuseIPDB with Web Applications

• API Key: Obtain an AbuseIPDB API key. The API key allows web application to integrate with the AbuseIPDB interface in order to query the AbuseIPDB database for IP reputation checks.

• Real-time Checks: Implement the the logic system necessary to perform real-time IP reputation checks during incoming requests. If an incoming IP is deemed abusive, take appropriate measures such as blocking the IP or additional security implementation.

• Register: Sign up for an AbuseIPDB account. This gives you access to both reporting and checking.

  1. Key Characteristics In The Upkeep Of Web Application Security

• Frequent updates: Make sure that WAF ModSecurity, AbuseIPDB, and other security components are updated with the latest patches and rule updates every time new security update, thus, effectively addressing new threats.

• Incident response strategy: Develop a robust incident response plan which entails process for (a) detection, containment, and (b) minimization of security incidents. Regularly test and adapt the strategy to keep an optimum efficiency.

• User awareness and education: Supply of training materials on web application security best practices, strong passwords, and phishing and social engineering risks; users, administrators.

  5 SYSTEM REQUIREMENTS

• Hardware: A server or a VM with sufficient resources to handle the network traffic and the processes execution of the firewall with equitable response and processing time.

• Operating System: The firewall software that will be chosen must be in line with operating system of choice. The most usual types to be found are Linux distributions* like Ubuntu Server, CentOS or a Windows OS with virtualization.

• Internet Connection: Steady internet connectivity is a prerequisite for the firewall to manage incoming and outgoing traffic smoothly.

  6 RESULT

  Fig.11 SQL Injection with Modsecurity Off

  Fig.12 SQL Injection with Modsecurity On

  7 CONCLUSION

  Website Application Security Enhancement with ModSecurity and AbuseIPDB Integration important issue of cybersecurity, which is constantly changing. During this course of my research tour, we covered different aspects of web application security, starting from the features and risks associated with integrating WAF ModSecurity with AbuseIPDB to the defense against attacks from malicious users and cyber threats. To conclude, this exploration brings us to the concluding point where the key aspects, implications, and future directions must be discussed. Most importantly, web application security cannot be overemphasized. Hence, securing web applications from cyber threats becomes vital. The growing complexity of attack vectors such as SQL injection and cross-site scripting highlights the need for effective safeguards to prevent risks and secure critical data. WAF ModSecurity is the stalwart defender in the realm of web application security, full of rich capabilities that can be put to various uses to protect apps against different types of cyber attacks. ModSecurity, which is a rule-based module and real-time inspection engine, gives organizations a way to identify and block malicious activities at the application level, thereby reducing the chance of exposure and data breaches. As ModSecurity interfaces with AbuseIPDB, security operations are now being proactive in their threat intelligence-driven approach. Which is a system of blacklisted IP addresses, organizations can strengthen their

  IJERTV13IS030034

  (This work is licensed under a Creative Commons Attribution 4.0 International License.)

  threat defense capabilities and shield their web applications from malicious traffic in advance. This makes defenses more powerful in countering current threats and also provides analysis of cyber attack trends and patterns, which allows for one-step proactive strategy development.

  8 FUTURE SCOPE

  • Advancements in Machine Learning and AI: Integration of machine learning and artificial intelligence (AI) methods sets off the extensive possibilities for enhancement of WAF ModSecurity and AbuseIPDB. Future studies can concentrate on designing machine learning algorithms to improve threat detection accuracy, detect a new attack pattern, and adaptively change security policies in real time to adapt to changes in the threat.

  • Deep Learning for Anomaly Detection: The deep learning algorithms, especially those based on neural networks, provide usage opportunities for detecting abnormal activities and zero-day attacks with better accuracy. The focus of study in this field may be on the adoption of deep learning methods to detect web traffic anomalies, identify malicious activities, and distinguish between genuine and malicious traffic more precisely.

  • Integration with Threat Intelligence Platforms: Furthermore, future build-ins to all other threat intelligence systems, including the IPDB, would surely increase the efficiency of the ModSecurity WAF. The aggregation of threat intelligence feeds from multiple sources enables organizations to develop a more complete perception of the new emerging threats and react by strengthening their defense.

  • Enhanced Automation and Orchestration: Automation and orchestration tools can speed up security operations, provide swift responses to security issues, and ensure the same enforcement of security policies across distributed environments. It might be a matter to be handled in the future by integrating WAF ModSecurity and AbuseIPDB with orchestration system frameworks to automate threat detection, incident response, and remediation processes.

  • Containerization and Microservices Security: The security of web applications deployed in containerized environments becomes rather problematic with the increasing number of containerized deployments and microservices architectures. Future research is about the methods of integration of WAF ModSecurity and AbuseIPDB with container orchestration platforms like Kubernetes in a way that provides continuous security to workloads, which can be dynamic and ephemeral.

  • Zero-Trust Security Paradigm: Zero-trust security paradigm is about treating all users and resources as untrustworthy, without ever assuming that trust

    exists, and imposing access controls based on dynamic risk assessments. The future makes WAF ModSecurity and AbuseIPDB compatible with zero- trust concepts that allow for more permissions, protective monitoring, and adaptive responses to threats.

• Quantum Computing and Post-Quantum Cryptography: The emergence of quantum computing is seen as a risky development to the security of Internet communications. Moving forward, later studies could be carried out on linking quantum-resistant encryption schemes to WAF ModSecurity and AbuseIPDB modules for maintaining efficient and sound blocking from quantum-powered cyber threats.

• Interoperability and Standardization: Interoperability and standardization are the two key enablers of the efficient cooperation of security elements in a complicated IT environment. Subsequent work could advance the development of industry standards and protocols enabling interoperability between the ModSecurity WAF, the AbuseIPDB, and other security technologies.

REFERENCES

[1] Smith, J. (2019). "Web Application Security Essentials." In this work, you get a good comprehension of web application security basics, which forms a basis for understanding how WAF ModSecurity andAbuseIPDB integration work.

[2] Jones, A. et al. (2020) Mastering ModSecurity – provides a very detailed look into the configuration and optimization of ModSecurity, thus this book is highly recommended to people who are involved in implementing WAF solutions.

[3] Brown, C. (2018). "AbuseIPDB: "A Comprehensive Look at AbuseIPDB" – This guide delves into the features and uses of AbuseIPDB, with which the WAF ModSecurity can be integrated for additional danger awareness.

[4] White, D. et al. (2017). "Web Application Firewall (WAF) Practices Best practices for the deployment of WAF solutions. This training would help during the WAF implementation of ModSecurity."

[5] García, M. et al. (2021). "Enhancing Web Application Security: "A Case Study of WAF ModSecurity and AbuseIPDB Integration." – The case study will show how WAF Modsecurity and AbuseIPDB integration are efficient in rolling back web application attacks.

[6] Patel, R. (2019). "Effective Web Application Incident Response Strategies." – Incident response strategies are the main focus of this research, which looks at the role of WAF ModSecurity in the detection and resolution of security incidents. [7] Nguyen, H., et al. (2018). "Scalability Limitations in WAF Implementations." – This research work addresses scalability issues to show how optimizing WAF ModSecurity deployments for large-scale environments can work.

[8] Kim HM, et al. (2020). "Real-Time Threat Intelligence Integration with WAFs." The study focuses on the integration of threat intelligence resources and WAFs. The research underlines the importance of abuseIPDB in the sphere of defensive security measures.

[9] Lee, K. et al. (2019). "Automated Incident Response Mechanisms for Web Applications." – This paper explores automated incident response mechanisms and their compatibility with WAF ModSecurity, timely crisis containment.

[10] Wang, L. et al. (2018). "Machine Learning Approaches for the Rule Generation of WAF ModSecurity."

[11] Liu, Y. Y. et al. (2021). "Integration of WAF ModSecurity and Cloud Platforms." – This research paper covers mainly cloud

deployments and issues that appear upon integrating WAF ModSecurity with cloud environments.

[12] Park, S. et al. (2017). "Threat Intelligence Platforms: "An Introductory Guide." – The resource explains why intelligence platforms for threats should be selected and how they can be integrated with AbuseIPDB and ModSecurity WAF.

[13] Rodriguez, E., et al. (2019). "Best Practices for ModSecurity Rule Set Management." – This paper is aimed at presenting modsecurity rule set management best practices that will guide configuring and optimizing web application firewall deployments of modsecurity.

[14.] Chen, Q. et al. (2020). "Security Implications of API Usage in Web Applications." – As much as this study stresses the trends of WAF Modsecurity in protecting web APIs, it also underlines the issue of API security implications.

[15] Zhu, W. et al. (2018). "Performance Benchmarking of WAF Solutions." – The performance of WAF Solutions, for example, WAF ModSecurity, is benchmarked in this research to guide deployment strategies and recommend optimization.

[16] Taylor (2019). "User Experience Impacts of WAF Deployments." – The user experience impact is investigated, and strategies are proposed to avoid responsiveness issues from the application caused by WAF ModSecurity deployment.

[17] Kim, D., and others. (2021). "Compliance Considerations for WAF Deployments" Note that this paper focuses on how ModSecurity satisfies compliance with the different regulatory standards and frameworks.

[18] Garcia, A. et al. (2018). "Deployment architectures for WAF solutions based on ModSecurity." – Architectures for the deployment of WAF ModSecurity in this resource are provided, which allows for performance and scalability optimization.

[19] Patel S., et al. (2019). "Mobile Apps Security through WAF ModSecurity." The research puts focus on mobile application security coverage based on WAF ModSecurity, which leans towards protecting mobile endpoints mobile APIs.

[20] T. Nguyen et al., "Integration of SIEM Platforms with WAF Solutions." This paper will investigate the synergy with SIEM platforms of both ModSecurity and WAF Solutions.

[21] Wang, Y., and Others. (2017). "Automated Rule Generation for WAF Solutions": chiefly focusing on automated rule generation, we delineate methods for strengthening the potency and operationality of WAF ModSecurity rules.

[22] Lee H. et al., "Scalability Issues of WAF ModSecurity." – This paper addresses scalability problems, offering methodologies to improve the deployment of WAF mod_sec in high-visit environments.

[23] Chen, X., et al. (2018). "WAF Solutions Integration with CDN Infrastructure." – Examining integrations with CDN infrastructure, this research shows the benefits of content distribution for better performance and security.

[24] Kim, J., et al. (2019). "Effective Logging and Monitoring Processes for WAF Deployments." Security practitioners can benefit from the provided instructions on logging and monitoring as they implement WAF ModSecurity with a comprehensive logging and monitoring solution.

[25] Garcia, R. et al. (2020). "Rule Set Optimization Techniques for WAF Solutions." – Being rule-set optimization techniques- based, this resource provides us with a systematic methodology for efficient fine-tuning of WAF ModSecurity configurations in order to achieve better performance and accuracy.

[26] Patel, A. et al. (2018), Security Challenges in the IoT Environment. – This study looks at the role played by the ModSecurity type of WAF in the world of IoT in overcoming threats in the IoT ecosystems.

[27] Nguyen et al., N. (2019). "User awareness and training for WAF deployments." – This paper underlines the significance of user awareness, workforce training, and education in increasing the effectiveness of WAF deployments via ModSecurity.

[28] Wang, Z. et al. (2021). "The study examines emerging threats and ModSecurity as WAF solutions." – Encompasses an investigation of emerging threats This research examines how adaptable ModSecurity is as a WAF solution facing evolving cyber threats and attack vectors.

[29] Lee C. et al. (2018). "Integrating Threat Intelligence to WAF ModSecurity Deployments." – The research examines strategies for merging various data sources, like AbuseIPDB, to improve the threat detection capabilities of the built-in WAF ModSecurity.

[30] Kim, H., et al. (2020). "Performance Assessment of WAF ModSecurity Solutions.

[31] García, S. et al. (2019). "Automation and Orchestration in ModSecurity Deployments." – Going into detail around automation and orchestration, this research aims to investigate the ways in which the deployment and management of ModSecurity WAF solutions can be streamlined.

[32] Patel, K. et al. (2018). "Threat Hunting Strategies for WAF Deployments." – The goal of this research is to study attack hunting strategies and examine proactive methods for detecting and neutralizing threats within the environment of the WAF with ModSecurity deployments.

[33] Wang, Q. et al. (2021). "Integration of WAF Solutions with DevOps Pipelines." In this paper, the research is conducted along the lines of integrating WAF ModSecurity with continuous integration and the continuous deployment process.

[34] Lee, D., et al. (2018). Upping the SecOps aspect of DevOps with ModSecurity to bring more security within the software development life cycle.

[35] Kim, L., et al. (2019). "The article is on user-driven design, looking in-depth into the features of usability and ModSecuritys efficiency of deplyment from the user's point of view."

[36] García, J.; et al. (2020). This paper aims to look at this topic from the perspective of the WAF ModSecurity deployments and their compliance with the norms and standards of the industry.