Date: Sat, 14 Jul 2007 17:38:44 -0500 From: Paul Schmehl <pauls@utdallas.edu> To: Bazy <bazy@goofy.celuloza.ro>, freebsd-questions@freebsd.org Subject: Re: mod_security2 Message-ID: <92D89D475BF6E761607B8657@paul-schmehls-powerbook59.local> In-Reply-To: <46989F6C.9030802@goofy.celuloza.ro> References: <46989F6C.9030802@goofy.celuloza.ro>
next in thread | previous in thread | raw e-mail | index | archive | help
--==========996416F6D8B56805A94C========== Content-Type: text/plain; charset=us-ascii; format=flowed Content-Transfer-Encoding: quoted-printable Content-Disposition: inline --On July 14, 2007 1:03:24 PM +0300 Bazy <bazy@goofy.celuloza.ro> wrote: > Hi guys, > > Do any of you use mod_security2? > > An article just came up on HowToForge about it, and I'm skeptic about > installing it on my FreeBSD box. Is mod_security2 ok? Will it load the > CPU? Will it make apache22 slow? > > http://www.howtoforge.com/apache2_mod_security_debian_etch "ModSecurity > is an Apache module that provides intrusion detection and prevention for > web applications. It aims at shielding web applications from known and > unknown attacks, such as SQL injection attacks, cross-site scripting, > path traversal attacks, etc." > I use mod_security on apache13 on a server that gets about 7 million hits=20 a month. I haven't noticed any problems. I've been using it for several=20 years now. Paul Schmehl (pauls@utdallas.edu) Senior Information Security Analyst The University of Texas at Dallas http://www.utdallas.edu/ir/security/ --==========996416F6D8B56805A94C==========--
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?92D89D475BF6E761607B8657>