[users@httpd] mod_security and ironbee questions

["Rose, John B" <jb...@utk.edu>]

1. Can anyone suggest a good base set of rules to utilize within mod_security?

2. While looking around for info on mod_security we came across some mentions of ironbee. Can someone give a comparison of the two?

3. What would you recommend to use? mod_security? Ironbee? Something else? Mixture?

Thanks

Re: [users@httpd] mod_security and ironbee questions

[Nick Kew <ni...@webthing.com>]

On Mon, 2015-03-16 at 18:06 +0000, Rose, John B wrote:
> 1. Can anyone suggest a good base set of rules to utilize within
> mod_security?

Depends entirely on what you're looking to protect.  Did you
look at mod_security's core ruleset as a startingpoint?

> 2. While looking around for info on mod_security we came across some
> mentions of ironbee. Can someone give a comparison of the two?

mod_security came first, and made Ivan's name.  Having learned from
the experience, he and Brian then moved on to create Ironbee,
which is a much more general-purpose framework.  I'm not sure
how much active development mod_security gets since its original
team moved on.  The respective web sites will tell you more.

> 3. What would you recommend to use? mod_security? Ironbee? Something
> else? Mixture?

Neither - until you're clear about what goal you're seeking
to accomplish with a WAF.

Disclosure: I work on Ironbee, but I don't represent or speak for it.

-- 
Nick Kew



---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
For additional commands, e-mail: users-help@httpd.apache.org