# NGINX ModSecurity WAF


> Protect against Layer 7 attacks such as SQLi, XSS, CSRF, LFI, and RFI, with the F5 NGINX ModSecurity WAF dynamic module, supported by NGINX.


**Note:**  The `nginx-plus-module-modsecurity` package is no longer available in the NGINX Plus repository.

NGINX ModSecurity WAF officially reached End-of-Sale status on April 1, 2022 ([NGINX Plus Release 29](/nginx/releases.md#r29)), and End-of-Life status on March 31, 2024 ([NGINX Plus Release 32](/nginx/releases.md#r32)).

For more details, [see this blog](https://www.f5.com/company/blog/nginx/f5-nginx-modsecurity-waf-transitioning-to-eol) announcement.

To remove the module, follow the [Uninstalling a Dynamic Module](uninstall.md) instructions.