Feature request: support for a free mod security ruleset

Discussion in 'Feedback/Feature Requests' started by wanah, Oct 29, 2013.

  1. wanah

    wanah Member

    Hello,

    We are looking into building a working ruleset for mod security.

    We tested gotroot ruleset (paid version) but it evolved too quickly for litespeed and caused lots of problems so we gave up with it at that time.

    I now wanted to try and implement a rule at a time and try and work out what rules are needed and which ones aren't.

    I've just read that ASL no longer provide a free gotroot ruleset and their full paid ruleset is much too large for our needs.

    The owasp ruleset seems a lot clearer and easier to implement with files like:

    modsecurity_crs_46_slr_et_phpbb_attacks.conf

    and

    modsecurity_crs_46_slr_et_wordpress_attacks.conf

    and

    modsecurity_crs_46_slr_et_joomla_attacks.conf

    So I'm now wondering why support a ruleset that isn't free and that makes everything slow when there is a ruleset that isn't so heavy, that seems much easier to implement?

    What compatibility can we expect with this ruleset?

    http://spiderlabs.github.io/owasp-modsecurity-crs/

    Most of the rules seem quite simple and should also give off fewer false positives than the ASL's paid modsecurity rules.
  2. stormy

    stormy Member

    I am interested in this too.

    I've been evaluating the paid rules and while they work well, I don't like the general attitude of Atomicorp. They are doing everything they can to make it difficult to use anything that's not their ASL product.
  3. wanah

    wanah Member

    Just to post an update on this.

    Although we have not tested them yet, there is a new promising modsecurity ruleset:

    https://waf.comodo.com

    We're waiting to get some feedback from users before installing these rules on a production server and also waiting for the next plugin update.

    These rules are free and Comodo says there will always be a free ruleset although there might be a paid version in the future with more features.
