[Owasp-modsecurity-core-rule-set] Need Help for Mod security

Joshua Roback jroback at gmail.com
Tue Jul 14 13:26:00 UTC 2015


1) Typically open source rules are updated along with new ModSecurity
releases.  There isn't really a need to update as frequently as an IDS
since the scope of detection requirements for a WAF is much smaller.

2) Spent time looking at the rules to get a feel for the format and the
purpose and then buy
The Web Application Defender's Cookbook -
http://www.amazon.com/Web-Application-Defenders-Cookbook-Protecting/dp/1118362187/ref=sr_1_2?ie=UTF8&qid=1436880245&sr=8-2&keywords=web+application+cookbook
https://github.com/SpiderLabs/ModSecurity/wiki/Reference-Manual
http://www.atomicorp.com/wiki/index.php/Mod_security

3) Don't know about this.  I use a proprietary application.

On Tue, Jul 14, 2015 at 7:49 AM Rishi nand <aadimanavtest at gmail.com> wrote:

> Hi There
>
> I am new to modsecurity and want to try in our organization, but came
> across few doubts. I will be glad if any body can clear them
>
> 1. OWASP modsecurity CRS : are these rules update daily (like snort rules,
> If so how to update). or how often they will update, In that case how to
> update them.
> 2. if i want to write my own custom rules how can i proceed :- where to
> create file and in which directory, Can i write all the rules in one file
> or a separate rule for each file
> 3. any recommended UI for modsecurity
>
> Thanks in advance
>
>
> --
> Cheer's
>
> Nand
>  _______________________________________________
> Owasp-modsecurity-core-rule-set mailing list
> Owasp-modsecurity-core-rule-set at lists.owasp.org
> https://lists.owasp.org/mailman/listinfo/owasp-modsecurity-core-rule-set
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.owasp.org/pipermail/owasp-modsecurity-core-rule-set/attachments/20150714/cbd2f667/attachment.html>


More information about the Owasp-modsecurity-core-rule-set mailing list