[Owasp-modsecurity-core-rule-set] Suggestion about mixing rules with configuration
ivan.ristic at gmail.com
Fri Aug 14 16:18:21 EDT 2009
I've noticed that the new Core Rules have configuration bits in them
-- just like the previous version -- but I don't think that's the
right thing to do. I think most users will want to update their rules
regularly, but if the configuration bits are there they will be forced
to do the whole thing manually every time.
On the topic of updates, are there any plans to use the auto-update
script in the future?
Security assessment of your SSL servers
More information about the Owasp-modsecurity-core-rule-set