Of course Mike's answer is way over my head. However, in laymen's terms, I'd like a similar answer:
Exactly what mod_security protection does LiteSpeed provide? Is it full support for all rules? Or is it limited...and, if so, HOW limited? In today's security climate, vague answers simply aren't good enough. If we're putting our servers in the hands of your software...and paying a pretty penny for your software when other software is available free...we need definitive answers on what protection your software is giving us (or not).
Also, I'm confused about the answer on whether the gotroot rules will work with LiteSpeed. I've seen multiple reports that the rules don't work well with LiteSpeed (not a gotroot issue, but apparently an issue with LiteSpeed's mod_security implementation). Of course, mod_security rules are only effective if they protect but don't interfere with normal operations.
So I'd really appreciate some frank, detailed answers from LiteSpeed on this issue. We are deploying a new server this week, and we can't justify using LiteSpeed on it (or continuing to use LiteSpeed elsewhere) without knowing these answers.