Hello, The website of gotroot.com states for their apache1 rules: "Retired Rules (No longer updated) "
The initial question prevails: Is this the best appoach? How secure are these "old" rules? --Matt On Wed, Sep 23, 2009 at 5:47 PM, Gonzalo Lionel Rodriguez < gonz...@sepp0.com.ar> wrote: > Matt, > > Try this > http://www.gotroot.com/downloads/ftp/mod_security/apache1/apache1-gotrootrules-latest.tar.gz > > Works fine for me. > > 2009/9/23 Matthew Young <myoung24...@gmail.com>: > > Hello, > > > > I just installed mod_security from packages for the apache1 in base (4.5) > . > > I went into modsecurity.org and noticed that their ModSecurity Core > Rulset ( > > modsecurity-crs_2.0.2.tar.gz< > http://sourceforge.net/projects/mod-security/files/modsecurity-crs/0-CURRENT/modsecurity-crs_2.0.2.tar.gz/download > >current) > > is not compatible with apache1. > > > > Id like to ask what is the best ruleset to use with modsecurity1.9.3 and > > apache1 ? Is it safe to use older modsecurity rules, if so which one ? > > > > Anybody care to share their experience. > > > > --Matt > > >
