# NAME Plack::Middleware::Security::Simple - A simple security filter for Plack # SYNOPSIS ```perl use Plack::Builder; builder { enable "Security::Simple", rules => [ PATH_INFO => qr{^/cgi-bin/}, PATH_INFO => qr{\.(php|asp)$}, HTTP_USER_AGENT => qr{BadRobot}, ]; ... }; ``` # DESCRIPTION This module provides a simple security filter for PSGI-based applications, so that you can filter out obvious exploit-seeking scripts. Note that as an alternative, you may want to consider using something like [https://modsecurity.org|modsecurity](https://modsecurity.org|modsecurity) as a filter in a reverse proxy. # RECENT CHANGES Changes for version v0.13.1 (2026-05-26) - Security - Fixed the header\_injection rule CVE-2026-9658. - Enhancements - Added a misc\_vulns rule. - Documentation - Updated author email address. - Updated copyright year. - Added doap.xml. - Fixed broken links in POD. - Fixed typos in POD. - README is generated by the UsefulReadme plugin. - Tests - Added more author tests, and moved them into the xt directory. - Toolchain - Stopped signing distributions with Module::Signature (which is deprecated) See the `Changes` file for more details. # REQUIREMENTS This module lists the following modules as runtime dependencies: - [Exporter::Tiny](https://metacpan.org/pod/Exporter%3A%3ATiny) - [HTTP::Status](https://metacpan.org/pod/HTTP%3A%3AStatus) - [Hash::Match](https://metacpan.org/pod/Hash%3A%3AMatch) - [Plack::Middleware](https://metacpan.org/pod/Plack%3A%3AMiddleware) - [Plack::Response](https://metacpan.org/pod/Plack%3A%3AResponse) - [Plack::Util::Accessor](https://metacpan.org/pod/Plack%3A%3AUtil%3A%3AAccessor) - [Ref::Util](https://metacpan.org/pod/Ref%3A%3AUtil) - [Regexp::Common](https://metacpan.org/pod/Regexp%3A%3ACommon) - [parent](https://metacpan.org/pod/parent) - [perl](https://metacpan.org/pod/perl) version v5.14.0 or later - [warnings](https://metacpan.org/pod/warnings) See the `cpanfile` file for the full list of prerequisites. # INSTALLATION The latest version of this module (along with any dependencies) can be installed from [CPAN](https://www.cpan.org) with the `cpan` tool that is included with Perl: ``` cpan Plack::Middleware::Security::Simple ``` You can also extract the distribution archive and install this module (along with any dependencies): ``` cpan . ``` You can also install this module manually using the following commands: ``` perl Makefile.PL make make test make install ``` If you are working with the source repository, then it may not have a `Makefile.PL` file. But you can use the [Dist::Zilla](https://dzil.org/) tool in anger to build and install this module: ``` dzil build dzil test dzil install --install-command="cpan ." ``` For more information, see the `INSTALL` file included with this distribution. # BUGS Please report any bugs or feature requests on the bugtracker website [https://github.com/robrwo/Plack-Middleware-Security-Simple/issues](https://github.com/robrwo/Plack-Middleware-Security-Simple/issues) When submitting a bug or request, please include a test-file or a patch to an existing test-file that illustrates the bug or desired feature. ## Reporting Security Vulnerabilities Security issues should not be reported on the bugtracker website. Please see `SECURITY.md` for instructions how to report security vulnerabilities. # SOURCE The development version is on github at [https://github.com/robrwo/Plack-Middleware-Security-Simple](https://github.com/robrwo/Plack-Middleware-Security-Simple) and may be cloned from [https://github.com/robrwo/Plack-Middleware-Security-Simple.git](https://github.com/robrwo/Plack-Middleware-Security-Simple.git) # AUTHOR Robert Rothenberg # COPYRIGHT AND LICENSE This software is Copyright (c) 2014,2018-2026 by Robert Rothenberg. This is free software, licensed under: ``` The Artistic License 2.0 (GPL Compatible) ``` # SEE ALSO [Hash::Match](https://metacpan.org/pod/Hash%3A%3AMatch) [Plack](https://metacpan.org/pod/Plack) [PSGI](https://metacpan.org/pod/PSGI)