On Wed, Jan 30, 2013 at 10:06:36AM -0800, Jeremy Kitchen wrote:
> Additionally, you may want to look into mod_security for apache. It can
> often detect and prevent possible intrusion attacks before they even get
> to your application, however keep in mind that depending on your
> ruleset, you may end up with a large number of false positives. If you
> have complete control of your application and know exactly everything
> that might be used with it (request parameters, etc) then it's great,
> though not a replacement for proper security in your code. See it as one
> more layer of protection.
> Anywho, I just realized I'm rambling. Sorry about that.
I did some testing on this, but it looked like it was going to take a
lot of setup to get around the false positive problem and I got pissed
off with the whole thing.
I like the idea of mod_security though.
Michael
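The false-positive problem both posters mention is normally worked through by running mod_security with `SecRuleEngine DetectionOnly`, letting the rules log instead of block, and then triaging what fires before narrowing exclusions to the rule/location pairs that are genuinely benign. Below is an added example (not code from either poster or from the ModSecurity project) that does that triage step: it parses ModSecurity 2.x entries out of an Apache error log, counts hits per rule id and URI, and renders the `<LocationMatch>` + `SecRuleRemoveById` exclusion stanza the module supports. The log lines, client addresses, rule ids, messages and URIs are constructed for this example, and the hit threshold is an arbitrary assumption.

```python
"""Triage ModSecurity 2.x warnings from an Apache error log so that false
positives can be excluded per rule and per location instead of by disabling
the ruleset wholesale (added example; sample data is constructed)."""
import re
from collections import Counter

# Constructed sample lines in the ModSecurity 2.x error-log layout. The rule
# ids (1000001, 1000002), messages, clients and URIs are invented here.
SAMPLE_ERROR_LOG = """\
[Wed Jan 30 10:06:36 2013] [error] [client 192.0.2.10] ModSecurity: Warning. Pattern match "(?i:select|union)" at ARGS:q. [id "1000001"] [msg "SQL Injection Attack"] [severity "CRITICAL"] [hostname "www.example.com"] [uri "/search"] [unique_id "c1"]
[Wed Jan 30 10:07:02 2013] [error] [client 192.0.2.11] ModSecurity: Warning. Pattern match "(?i:select|union)" at ARGS:q. [id "1000001"] [msg "SQL Injection Attack"] [severity "CRITICAL"] [hostname "www.example.com"] [uri "/search"] [unique_id "c2"]
[Wed Jan 30 10:08:44 2013] [error] [client 192.0.2.12] ModSecurity: Warning. Pattern match "(?i:select|union)" at ARGS:q. [id "1000001"] [msg "SQL Injection Attack"] [severity "CRITICAL"] [hostname "www.example.com"] [uri "/search"] [unique_id "c3"]
[Wed Jan 30 10:09:10 2013] [error] [client 192.0.2.13] ModSecurity: Warning. Pattern match "(?i:select|union)" at ARGS:name. [id "1000001"] [msg "SQL Injection Attack"] [severity "CRITICAL"] [hostname "www.example.com"] [uri "/admin"] [unique_id "c4"]
[Wed Jan 30 10:11:58 2013] [error] [client 192.0.2.14] ModSecurity: Access denied with code 403 (phase 2). Pattern match "\\.\\./" at REQUEST_URI. [id "1000002"] [msg "Path Traversal Attack"] [severity "CRITICAL"] [hostname "www.example.com"] [uri "/login"] [unique_id "c5"]
"""

# "Warning." is what DetectionOnly mode logs; "Access denied ..." is a block.
EVENT_RE = re.compile(
    r'\[client (?P<client>[^\]]+)\] ModSecurity: (?P<action>Warning|Access denied[^.]*)\.'
)
# The bracketed key/value fields ModSecurity appends to every entry.
FIELD_RE = re.compile(r'\[(?P<key>id|msg|uri|severity) "(?P<value>[^"]*)"\]')


def parse_modsec_events(log_text):
    """Return one dict per ModSecurity entry; non-ModSecurity lines are skipped."""
    events = []
    for line in log_text.splitlines():
        m = EVENT_RE.search(line)
        if not m:
            continue
        event = {"client": m.group("client"), "action": m.group("action")}
        for f in FIELD_RE.finditer(line):
            event[f.group("key")] = f.group("value")
        if "id" in event and "uri" in event:  # need both to attribute the hit
            events.append(event)
    return events


def hits_by_rule_and_uri(events):
    """Count hits keyed by (rule id, request URI)."""
    return Counter((e["id"], e["uri"]) for e in events)


def candidate_exclusions(events, threshold=3):
    """Rule/URI pairs that fired at least `threshold` times (assumed cut-off).

    A rule that fires repeatedly on one path is a candidate false positive
    for that path; it still needs a human look at the matched data before
    it is excluded."""
    counts = hits_by_rule_and_uri(events)
    return sorted(
        [(rule_id, uri, n) for (rule_id, uri), n in counts.items() if n >= threshold],
        key=lambda t: (-t[2], t[0], t[1]),
    )


def render_exclusions(candidates):
    """Render per-location SecRuleRemoveById stanzas for Apache httpd.conf."""
    blocks = []
    for rule_id, uri, n in candidates:
        blocks.append(
            f"# {n} hits of rule {rule_id} on {uri}; confirm legitimate before excluding\n"
            f'<LocationMatch "^{re.escape(uri)}$">\n'
            f"    SecRuleRemoveById {rule_id}\n"
            f"</LocationMatch>"
        )
    return "\n".join(blocks)


if __name__ == "__main__":
    evts = parse_modsec_events(SAMPLE_ERROR_LOG)
    for (rid, uri), n in hits_by_rule_and_uri(evts).most_common():
        print(f"rule {rid} on {uri}: {n} hit(s)")
    print(render_exclusions(candidate_exclusions(evts)))
```

The point of scoping the exclusion with `<LocationMatch>` is that the rule keeps protecting every other path; a single hit of the same rule on `/admin` in the sample stays active and is left for manual review rather than silenced along with the `/search` noise.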