[Owasp-modsecurity-core-rule-set] Need Help for Mod security
jroback at gmail.com
Tue Jul 14 13:26:00 UTC 2015
1) Typically open source rules are updated along with new ModSecurity
releases. There isn't really a need to update as frequently as an IDS
since the scope of detection requirements for a WAF is much smaller.
2) Spent time looking at the rules to get a feel for the format and the
purpose and then buy
The Web Application Defender's Cookbook -
3) Don't know about this. I use a proprietary application.
On Tue, Jul 14, 2015 at 7:49 AM Rishi nand <aadimanavtest at gmail.com> wrote:
> Hi There
> I am new to modsecurity and want to try in our organization, but came
> across few doubts. I will be glad if any body can clear them
> 1. OWASP modsecurity CRS : are these rules update daily (like snort rules,
> If so how to update). or how often they will update, In that case how to
> update them.
> 2. if i want to write my own custom rules how can i proceed :- where to
> create file and in which directory, Can i write all the rules in one file
> or a separate rule for each file
> 3. any recommended UI for modsecurity
> Thanks in advance
> Owasp-modsecurity-core-rule-set mailing list
> Owasp-modsecurity-core-rule-set at lists.owasp.org
-------------- next part --------------
An HTML attachment was scrubbed...
More information about the Owasp-modsecurity-core-rule-set