On Wed, Sep 23, 2009 at 08:09:53PM -0500, Matthew Young wrote:
> Hello,
>
> The website of gotroot.com states for their apache1 rules: "Retired Rules
> (No longer updated) "
>
>
> The initial question prevails: Is this the best appoach? How secure are
> these "old" rules?
Adding mod_security shouldn't decrease your security; it only increases
it if you have otherwise-insecure software installed, and you can only
hope that it plugs all holes in that case.
In other words, it depends heavily on what you're using it with.
Joachim
