[Owasp-modsecurity-core-rule-set] modsecurity 2.0.4.. tweaking the defaults? necessary?

Dimitri Syuoul dsyuoul at gmail.com
Mon Jan 11 12:42:31 EST 2010


We have been running the DetectionOnly mode for 2.0.4 under 2.5.11 for
some time now and we now feel comfortable. Could anybody please
orientate us if it is advised to tweak in any way either the score
(which i dont know how to) or uncomment some rules which come
commented for me to make a more tightened scenario? If so exactly
which ones? (i dont know how to read rules so they dont make much
sense to me)

Any feedback is appreciated.
Thank you


More information about the Owasp-modsecurity-core-rule-set mailing list