From owner-freebsd-questions@FreeBSD.ORG  Sat Jul 14 22:38:45 2007
Return-Path: <owner-freebsd-questions@FreeBSD.ORG>
X-Original-To: freebsd-questions@freebsd.org
Delivered-To: freebsd-questions@freebsd.org
Received: from mx1.freebsd.org (mx1.freebsd.org [69.147.83.52])
	by hub.freebsd.org (Postfix) with ESMTP id D153316A40E
	for <freebsd-questions@freebsd.org>;
	Sat, 14 Jul 2007 22:38:45 +0000 (UTC)
	(envelope-from pauls@utdallas.edu)
Received: from smtp3.utdallas.edu (smtp3.utdallas.edu [129.110.10.49])
	by mx1.freebsd.org (Postfix) with ESMTP id 7F94213C4C2
	for <freebsd-questions@freebsd.org>;
	Sat, 14 Jul 2007 22:38:45 +0000 (UTC)
	(envelope-from pauls@utdallas.edu)
Received: from [192.168.2.102] (adsl-65-71-93-44.dsl.rcsntx.swbell.net
	[65.71.93.44])
	(using TLSv1 with cipher DHE-RSA-AES256-SHA (256/256 bits))
	(No client certificate requested)
	by smtp3.utdallas.edu (Postfix) with ESMTP id 5C342654F2;
	Sat, 14 Jul 2007 17:38:44 -0500 (CDT)
Date: Sat, 14 Jul 2007 17:38:44 -0500
From: Paul Schmehl <pauls@utdallas.edu>
To: Bazy <bazy@goofy.celuloza.ro>, freebsd-questions@freebsd.org
Message-ID: <92D89D475BF6E761607B8657@paul-schmehls-powerbook59.local>
In-Reply-To: <46989F6C.9030802@goofy.celuloza.ro>
References: <46989F6C.9030802@goofy.celuloza.ro>
X-Mailer: Mulberry/4.0.8 (Mac OS X)
MIME-Version: 1.0
Content-Type: multipart/signed; micalg=sha1;
	protocol="application/pkcs7-signature";
	boundary="==========996416F6D8B56805A94C=========="
X-Content-Filtered-By: Mailman/MimeDel 2.1.5
Cc: 
Subject: Re: mod_security2
X-BeenThere: freebsd-questions@freebsd.org
X-Mailman-Version: 2.1.5
Precedence: list
List-Id: User questions <freebsd-questions.freebsd.org>
List-Unsubscribe: <http://lists.freebsd.org/mailman/listinfo/freebsd-questions>, 
	<mailto:freebsd-questions-request@freebsd.org?subject=unsubscribe>
List-Archive: <http://lists.freebsd.org/pipermail/freebsd-questions>
List-Post: <mailto:freebsd-questions@freebsd.org>
List-Help: <mailto:freebsd-questions-request@freebsd.org?subject=help>
List-Subscribe: <http://lists.freebsd.org/mailman/listinfo/freebsd-questions>, 
	<mailto:freebsd-questions-request@freebsd.org?subject=subscribe>
X-List-Received-Date: Sat, 14 Jul 2007 22:38:45 -0000

--==========996416F6D8B56805A94C==========
Content-Type: text/plain; charset=us-ascii; format=flowed
Content-Transfer-Encoding: quoted-printable
Content-Disposition: inline

--On July 14, 2007 1:03:24 PM +0300 Bazy <bazy@goofy.celuloza.ro> wrote:

> Hi guys,
>
> Do any of you use mod_security2?
>
> An article just came up on HowToForge about it, and I'm skeptic about
> installing it on my FreeBSD box. Is mod_security2 ok? Will it load the
> CPU? Will it make apache22 slow?
>
> http://www.howtoforge.com/apache2_mod_security_debian_etch "ModSecurity
> is an Apache module that provides intrusion detection and prevention for
> web applications. It aims at shielding web applications from known and
> unknown attacks, such as SQL injection attacks, cross-site scripting,
> path traversal attacks, etc."
>
I use mod_security on apache13 on a server that gets about 7 million hits=20
a month.  I haven't noticed any problems.  I've been using it for several=20
years now.

Paul Schmehl (pauls@utdallas.edu)
Senior Information Security Analyst
The University of Texas at Dallas
http://www.utdallas.edu/ir/security/

--==========996416F6D8B56805A94C==========--