Ivan Ristic Writes "ModSecurity 1.9 FINAL has been released. It is available for immediate download from:

http://www.modsecurity.org/download/

After more than a year in development, ModSecurity 1.9 introduces a number of changes that further increase usefulness of this web application security tool.

Changes (since 1.8)
-------------------

Major enhancements include:
* A brand new audit logging subsystem aimed at supporting real time aggregation of the forensic logs. It is now possible to fine-tune forensic logging and even log complete responses.

* Significant rule engine enhancements that increase flexibility, introduce meta-data facilities, and allow for safe inclu sion of third-party produced rule databases.

* A new stateful request monitoring mechanism, which includes tools for defence against Denial of Service attacks.

* Many smaller improvements throughout, including: performance measurement, ten new actions, seventeen new variables, outp ut status filtering, performance improvements, support for methods other than GET and POST, ClamAV integration, and so on.

For a list with more details please visit:

http://www.modsecurity.org/blog/archives/2005/09/whats_new_in_mo.html "