Skip site navigation (1)Skip section navigation (2)
Date:      Sat, 14 Jul 2007 17:38:44 -0500
From:      Paul Schmehl <pauls@utdallas.edu>
To:        Bazy <bazy@goofy.celuloza.ro>, freebsd-questions@freebsd.org
Subject:   Re: mod_security2
Message-ID:  <92D89D475BF6E761607B8657@paul-schmehls-powerbook59.local>
In-Reply-To: <46989F6C.9030802@goofy.celuloza.ro>
References:  <46989F6C.9030802@goofy.celuloza.ro>

Next in thread | Previous in thread | Raw E-Mail | Index | Archive | Help
--==========996416F6D8B56805A94C==========
Content-Type: text/plain; charset=us-ascii; format=flowed
Content-Transfer-Encoding: quoted-printable
Content-Disposition: inline

--On July 14, 2007 1:03:24 PM +0300 Bazy <bazy@goofy.celuloza.ro> wrote:

> Hi guys,
>
> Do any of you use mod_security2?
>
> An article just came up on HowToForge about it, and I'm skeptic about
> installing it on my FreeBSD box. Is mod_security2 ok? Will it load the
> CPU? Will it make apache22 slow?
>
> http://www.howtoforge.com/apache2_mod_security_debian_etch "ModSecurity
> is an Apache module that provides intrusion detection and prevention for
> web applications. It aims at shielding web applications from known and
> unknown attacks, such as SQL injection attacks, cross-site scripting,
> path traversal attacks, etc."
>
I use mod_security on apache13 on a server that gets about 7 million hits=20
a month.  I haven't noticed any problems.  I've been using it for several=20
years now.

Paul Schmehl (pauls@utdallas.edu)
Senior Information Security Analyst
The University of Texas at Dallas
http://www.utdallas.edu/ir/security/

--==========996416F6D8B56805A94C==========--




Want to link to this message? Use this URL: <http://docs.FreeBSD.org/cgi/mid.cgi?92D89D475BF6E761607B8657>