New from the php|architect blog today there's a post talking about a new book from Feisty Duck Publishing about ModSecurity for Apache and how that effects the world of PHP.

ModSecurity is a web application firewall. It can live in and out of the Apache web server environment, one of the most popular web servers around. ModSecurity is infinitely customizable and extremely powerful. The philosophy of ModSecurity can be summed up in a few words. Look, and only modify if I tell you to.

The author of the post (Orlanao Medina) thinks that this book is *the* resource for ModSecurity-related information, providing step-by-step information on how to work with the tool both inside and outside of Apache. It shares tips on blocking XSS attacks, brute force attacks and generally protecting your application in general.