[Owasp-modsecurity-core-rule-set] modsecurity 2.0.4.. tweaking the defaults? necessary?
dsyuoul at gmail.com
Mon Jan 11 12:42:31 EST 2010
We have been running the DetectionOnly mode for 2.0.4 under 2.5.11 for
some time now and we now feel comfortable. Could anybody please
orientate us if it is advised to tweak in any way either the score
(which i dont know how to) or uncomment some rules which come
commented for me to make a more tightened scenario? If so exactly
which ones? (i dont know how to read rules so they dont make much
sense to me)
Any feedback is appreciated.
More information about the Owasp-modsecurity-core-rule-set