Looking for a good Mod Sec

Discussion in 'Install/Configuration' started by johndrose, Dec 31, 2013.

  1. johndrose

    johndrose New Member

    Came across many Mod Secs and tried a few, heard a new one https://waf.comodo.com/ and I would like to hear reviews from webmasters before I try it out.

    Thanks in advance and Happy New Year ! :)
  2. wanah

    wanah Well-Known Member

    This sounds very hopefull.

    cPanel asked us what we thought about them supplying a modsecurity ruleset and now I see Comodo did this before them.


    I've downloaded the full ruleset and it's only 1.6MB uncompressed for the moment.

    It seems to come with a cPanel plugin (buggy from what I have read but maybe already fixed…).

    It's a very new product, it seems to be currently the best hope for a good quality free ruleset.

    I will be watching it very closely and I hope litespeed will test them as after testing gotroot ruleset with apache we found it to have too many false positives (they fix them quickly but you have to keep informing them of the false positives which is a pain as we discovered them on a daily basis).

    This ruleset seems to be much smaller and more managable than ASL's one. I do hope it's effective (or will become effective) as well as compatible with litespeed. I would love to be able to enable modsecurity again but without slowing everything down and without loads of false positives.

Share This Page