Peel" <[EMAIL PROTECTED]>
To:
Sent: Friday, October 19, 2007 9:48 AM
Subject: [EMAIL PROTECTED] mod_security
Hi all,
I installed mod_security yesterday on one server and am in the process of
debugging.
Along with mod_security itself, I have installed a number of rules, most
of
which
Hi there,
Why are you using an old version of ModSecurity? As you
start anew I suggest you start out with ModSecurity > 2.1.
Then stick with the core-rules for a start and read
the excellent security blog on the website to deal with
false positives. There are many very good posts on the
subject.
Hi all,
I installed mod_security yesterday on one server and am in the process of
debugging.
Along with mod_security itself, I have installed a number of rules, most of
which are not causing any issues. The two below are causing some problems
though:
Number one seems to do its job too well as
Nick Kew wrote:
On 29 May 2007, at 22:31, Marc Perkel wrote:
I'm running FC6 and added mod_security using the default rule set and
the load level on the system is about 5 times higher than without it.
I'm wondering what rule sets I might disable that would give me some
security without slo
On 29 May 2007, at 22:31, Marc Perkel wrote:
I'm running FC6 and added mod_security using the default rule set
and the load level on the system is about 5 times higher than
without it. I'm wondering what rule sets I might disable that would
give me some security without slowing the server
I'm running FC6 and added mod_security using the default rule set and
the load level on the system is about 5 times higher than without it.
I'm wondering what rule sets I might disable that would give me some
security without slowing the server down to a crawl. Could use some
practical advice.
> -Original Message-
> From: arun kumar [mailto:[EMAIL PROTECTED]
> Sent: Tuesday, January 16, 2007 11:15 AM
> To: users@httpd.apache.org
> Subject: [EMAIL PROTECTED] mod_security 1.9.4 to 2.0.4
>
>Hi All,
>
> Currentl
Hi All,
Currently we are using mod_security 1.9.4 and my client want me to
upgrade mod_security to 2.0.4.
In mod_security site I found that all the directives of 2.0.4 is different
from 1.9.4. Please let me know where I can get 1.9.4 equavalent directive
Thanks to Nick, Joshua & William for your responses. Keep up the good
work.
regards
-Jignesh
"William A. Rowe, Jr." <[EMAIL PROTECTED]>
08/22/2006 07:58 PM
Please respond to
users@httpd.apache.org
To
users@httpd.apache.org
cc
Subject
Re: [EMAIL PROTECTED] mod_secur
Jignesh Badani wrote:
> Thanks Nick, it makes sense. So can I assume that the Apache group is fine
> with its user base using 3rd party mod_security
Why not? http://modules.apache.org/ - lots of modules - we have no problem
with users deploying any module which solves their requirements.
> and
On 8/22/06, Jignesh Badani <[EMAIL PROTECTED]> wrote:
Thanks Nick, it makes sense. So can I assume that the Apache group is fine
with its user base using 3rd party mod_security and that they do not plan
to develop something similar ?
The reason I am confused is I see Ryan Barnett as Team Lead fo
bject
Re: [EMAIL PROTECTED] mod_security general question...
On Tuesday 22 August 2006 23:22, Jignesh Badani wrote:
> We have been looking at implementing mod_security for quite some time
now,
> but it is not getting a green flag because the module is not part of the
> Apache group offering
On Tuesday 22 August 2006 23:22, Jignesh Badani wrote:
> We have been looking at implementing mod_security for quite some time now,
> but it is not getting a green flag because the module is not part of the
> Apache group offering (yet).
>
> 1. Is there a reason, this module is still not being bund
We have been looking at implementing mod_security for quite some time now,
but it is not getting a green flag because the module is not part of the
Apache group offering (yet).
1. Is there a reason, this module is still not being bundled as part of
the Apache source ?
2. Has anybody implement
14 matches
Mail list logo