[Owasp-modsecurity-core-rule-set] Help with Cole Rule Set
Josue Del Valle
jodelvalle at gmail.com
Mon Aug 3 00:03:06 EDT 2009
I am new to mod_security and new to Apache. I've been asked by my employer
to configure and secure an Apache server that will run on Windows. I've
been reading about the Core Rules and understand that initially they should
be set to DetectOnly mode and that I should check my logs for false
positives before turning them on. What I am not sure is what I will be
looking for in the logs. The type of attacks or false positives blocks,
How can I identify false positives? For how long should I run it on
DetectOnly mode? Bottom line, I will really appreciate if someone can point
me in the right direction. Thanks in advance for your help.
-------------- next part --------------
An HTML attachment was scrubbed...
More information about the Owasp-modsecurity-core-rule-set