[CentOS] Getting started with mod_security

Fri Jul 28 23:03:06 UTC 2017
John Jasen <jjasen at realityfailure.org>

mod_security 2.7.3 from CentOS is pretty old and pretty broken. The crs
package is equally out of date.

Recompiling mod_security from a more recent fedora SRPM and grabbing the
OWASP core-rule-set from git will yield much better results, in my opinion.



On 07/16/2017 02:32 PM, Nicolas Kovacs wrote:
> Hi,
>
> I'm currently fiddling with mod_security, and before going any further,
> I simply wanted to ask here for any recommended documentation/tutorials
> on the subject. There seems to be a lot of information about
> mod_security out there, and right now I have a bit of a hard time
> wrapping my head around it.
>
> I'm grateful for any suggestions.
>
> Cheers,
>
> Niki Kovacs