Modsecurity crs 10 config.conf
Revision as of 11:04, 6 August 2009 by Rcbarnett (Created page with '# The directives within this file can be included within # Virtual Host containers. # # Configuration contained in this file should be customized # for your specific requirements…')
- The directives within this file can be included within
- Virtual Host containers.
- Configuration contained in this file should be customized
- for your specific requirements before deployment.
- Next to each rule there is a description of what it does. Each
- location where customization is needed is marked with "TODO". It
- is recommended that you:
- 1) Keep a copy of the original file. This will allow you to use
- the "diff" command to quickly see the changes. It will also
- make upgrades to future rule sets easier.
- 2) Document your changes thoroughly.
- You are advised to start with ModSecurity in detection mode only.
- Switch to protection when you are comfortable with your rule set.
- For maximum protection monitor your logs on daily basis (or