# NGINX ModSecurity WAF Type of document: How-to guide Product: NGINX Plus > Protect against Layer 7 attacks such as SQLi, XSS, CSRF, LFI, and RFI, with the F5 NGINX ModSecurity WAF dynamic module, supported by NGINX. --- **Note:** The `nginx-plus-module-modsecurity` package is no longer available in the NGINX Plus repository. NGINX ModSecurity WAF officially reached End-of-Sale status on April 1, 2022 ([NGINX Plus Release 29](/nginx/releases.md#r29)), and End-of-Life status on March 31, 2024 ([NGINX Plus Release 32](/nginx/releases.md#r32)). For more details, [see this blog](https://www.f5.com/company/blog/nginx/f5-nginx-modsecurity-waf-transitioning-to-eol) announcement. To remove the module, follow the [Uninstalling a Dynamic Module](uninstall.md) instructions.