Hi,
I'm currently fiddling with mod_security, and before going any further, I simply wanted to ask here for any recommended documentation/tutorials on the subject. There seems to be a lot of information about mod_security out there, and right now I have a bit of a hard time wrapping my head around it.
I'm grateful for any suggestions.
Cheers,
Niki Kovacs
mod_security 2.7.3 from CentOS is pretty old and pretty broken. The crs package is equally out of date.
Recompiling mod_security from a more recent fedora SRPM and grabbing the OWASP core-rule-set from git will yield much better results, in my opinion.
On 07/16/2017 02:32 PM, Nicolas Kovacs wrote:
Hi,
I'm currently fiddling with mod_security, and before going any further, I simply wanted to ask here for any recommended documentation/tutorials on the subject. There seems to be a lot of information about mod_security out there, and right now I have a bit of a hard time wrapping my head around it.
I'm grateful for any suggestions.
Cheers,
Niki Kovacs
-
John Jasen -
Nicolas Kovacs