Download
ModSecurity is an open source product licensed under ASLv2. It comes with full source code and documentation. Current releases are signed by Breno Silva. These public keys are available via most PGP key server mirrors.
ModSecurity Status: v2.7.2
ModSecurity for Apache (Stable Release Quality)
Installation information for Apache
ModSecurity for Apache TAR/GZ
ModSecurity for Apache MD5
ModSecurity for IIS (Stable Release Quality)
Installation information for IIS
ModSecurity for IIS MSI Installer
ModSecurity for IIS MSI Installer MD5
ModSecurity for IIS Debug package ZIP
ModSecurity for IIS Debug package MD5
ModSecurity for Nginx (Beta Release Quality)
Installation information for Nginx
ModSecurity for Nginx TAR/GZ
ModSecurity for Nginx MD5
Community-Produced Binary packages
There are no binary packages on modsecurity.org. Below is a list of third-party sites that sometimes have an up-to-date binary version of ModSecurity:
RHEL/CentOS Yum Repository (Jason Litka)
http://www.jasonlitka.com/yum-repository/
Debian (Alberto Gonzalez Iniesta):
http://packages.debian.org/search?searchon=sourcenames&keywords=modsecurity-apache
Fedora Core (Michael Fleming):
http://fedoraproject.org/wiki/EPEL
FreeBSD (Alex Dupre):
http://www.freebsd.org/cgi/ports.cgi?query=mod_security&stype=all
Gentoo:
http://www.gentoo-portage.com/www-apache/mod_security
Apache 2.x on Windows (Steffen):
http://www.apachelounge.com/
HP-UX (Internet Express):
http://h20338.www2.hp.com/hpux11i/cache/324414-0-0-0-121.html
Netware, Windows (Guenter Knauf):
http://www.gknw.at/development/apache/
https://github.com/SpiderLabs/ModSecurity/blob/master/CHANGES
Source: http://www.modsecurity.org/download/