Most Effective mod_security Rules
i'm searching about mod_security rules for a quite long time now. i've seen owasp rules at linode library and been told about gotroot(atomicorp) rules on a community. i've tried both but i've experienced too many problems(too many false positives) and i am still not sure if those can really protect me?
anybody there who can give some advice with this?
thanks!
2 Replies
If you get false positives for certain rules comment them out on .htaccess
And oh - sometimes people find some rules on various security blogs and apply them without thinking twice. My opinion is stick to the mod_sec site unless you are a security ninja.
Amazing how much time and effort people spend trying to lock down the latest dancing hamster site.
If you have real security needs, then why are you trying to do it yourself? Hire a security consultant that backs up their work with a a known track record and liability insurance.
If it's not worth hiring a security consultant, then most likely it's not worth wasting any time on what so ever in trying to lock it down yourslef. There's always a few hackers that are several steps a head of your game.
Instead, spend the time on BACKING IT UP and MONITORING IT. Then if you ever do get hacked, just wipe it clean and start fresh and you're done. Except this time, patch whatever loophole the hacker came thru.