Search this site

Sample Rule Set

Introduction

VasPatch stands for Virtual Application Security Patch

It is a free virtual patching tool which protects your web applications from hacker attacks. VasPatch provides a web interface for users to create and customize rules based on their website protection requirements. It then filters (or blocks) malicious access and attacks to web applications based on the rules.  As a web server module, every web request sent to the web server would be inspected by VasPatch. Malicious requests could be blocked, filtered and logged. 

A sample set of rules for vulnerabilities of Joomla CMS (a popular Content Management System) is now available in VasPatch Repository . Joomla administrators could use them to patch recent vulnerabilities of Joomla CMS and its extensions.

Currently, VasPatch is for IIS web server only.

Releases

Version 1.1.2 (27 Aug 2010)  download here

  • Fix a serious bug of data inconsistency when handling multiple requests in multi-threading environment
  • Fix a performance issue when writing lots of alerts to database within a short period of time

Version 1.1.0  (24 Aug 2010)  

  • Support both 32-bit and 64-bit Windows (Win7/Vista/2008)
  • Improvement on performance in Action mode and Log mode
  • Fix a bug of handling post request
  • Minor update on the Sample Rule page of WebUI

Version 1.0.2  (22 Jul 2010) 

  • Fix a bug of importing VasPatch Sample Rules
  • Minor update on the Alert page of WebUI

Version 1.0.0 

  • Patch web application vulnerabilities on IIS with ease using VasPatch Web interface
  • Allow users to create new rules for custom web applications
  • Provide a set of sample patch rules for popular web application (Joomla!)
  • Log intrusion alerts to database for review