Mod Anti Tamper for Apache 2
AntiTamper is an Apache 2.x module that could be used to
prevent some sort of url and cookie tampering.
Specifically, AT could stop a lot of those malicious bots that take advantage from search engines.
Moreover, attack techniques like Http Response Splitting and session hijacking/fixation will be mitigated.
For a quick and dirty start go to examples/README.
Is important to notice that mod_anti_tamper is not an alternative to mod_security,
which is more exaustive and useful for all web situations.
AT could be a complement to mod_security.
Go to Mod Anti Tamper Page.
PassBroker for Php
If you have ever asked yourself:
"How could I hide username and passwords in order to prevent unauthorized users from
Then you are the right guy in the right place, and i suggest you to install
PassBroker on your own website.
PassBroker is a PHP extension, written in c which dispatch informations you don't want to
directly embed inside a PHP script.
PassBroker will give the script only the secrets it needs according to a user defined ruleset.
Go to PassBroker Page.
When there is the need to authenticate users from a web page, passwords
are often sent on a insecure channel, this could lead to have our own
passwords sniffed (read CMS & Co.).
This is a way to avoid the passage of passwords from a user login html form
on an insecure channel.
An easy way to improve your users' security for ready-to-use (or not) CMSs.
Go to HMAuth Page.
Wisec is brought to you by...
Wisec is written and mantained by
Stefano Di Paola.
Wisec uses open standards, including XHTML, CSS2, and XML-RPC.