[CentOS] OT mod_security

Thu Apr 14 18:20:44 UTC 2005
Franki <franki at htmlfixit.com>

Hi guys,

I've planning out my upgrade to CentOS4 and one of my plans for security 
is to impliment the mod_security apache module to filter out unwanted 
malicious intent.

Not having used it before, I wanted to see if anyone here has 
implimented it and did it block any legit traffic or cause resource 
traffic/serious slowdowns of their systems?

I've asked on the forum about secure virtual hosting and have considered 
many options but what I have decided on is a combination of vsftp/TLS to 
chroot users and mod_security to reduce the risk of outside intrusion 
attempts via HTTP.

Is mod_security available as a package on CentOS4/RHEL4 ? I found 
packages for 3 but thus far none for 4.

many thanks