Mod_Security Implementation Documentation Petition

[J.T.]

Hi,

It seems that LSWS doesn't fully support all mod_security features and it is unclear what its limitations exactly are.

Using rules from popular subscription lists is a difficult task, not knowing what we can and can't do with LSWS in terms of this well-establish security feature.

Consider this something of a petition, requesting you to:

A) Document exactly the subset of mod_security features LSWS incorporates and hopefully;

B) Adding full mod_security compatibility, making it a drop-in replacement of the original Apache module, in future LSWS versions.

To this day, having run LSWS for about 5 months, I'm loving it to bits. What a change from Apache it is! Full or at least well documented mod_security implementation will satisfy a lot of companies' security needs, making it truly Enterprise IMHO.

Is there anything on the roadmap that aims to tackle the above two requests to some extent already?

Anyone else wanting this to happen?

[cmanns]

I'd like to see a better mod_security implimention.

I don't use mod sec though recently interested.

We need built in rule subset that watches IP traffic. Some sites like a php based tracker use 100's of hits, but what about 1 IP downloading a image over and over and over, or sending SQL, what PHP site uses SQL in the url these days?

I saw one site push out 200GB of bw just from images, would of been awesome if that was blcoked.

[J.T.]

I'm pleased to see in the .17 and .18 release notes that progress has been made in this department.

Is there any up to date documentation on this or a more in-depth explanation of what has been added in these latest versions?