On Mon, 2015-03-16 at 18:06 +0000, Rose, John B wrote: > 1. Can anyone suggest a good base set of rules to utilize within > mod_security? Depends entirely on what you're looking to protect. Did you look at mod_security's core ruleset as a startingpoint? > 2. While looking around for info on mod_security we came across some > mentions of ironbee. Can someone give a comparison of the two? mod_security came first, and made Ivan's name. Having learned from the experience, he and Brian then moved on to create Ironbee, which is a much more general-purpose framework. I'm not sure how much active development mod_security gets since its original team moved on. The respective web sites will tell you more. > 3. What would you recommend to use? mod_security? Ironbee? Something > else? Mixture? Neither - until you're clear about what goal you're seeking to accomplish with a WAF. Disclosure: I work on Ironbee, but I don't represent or speak for it. -- Nick Kew --------------------------------------------------------------------- To unsubscribe, e-mail: users-unsubscribe@xxxxxxxxxxxxxxxx For additional commands, e-mail: users-help@xxxxxxxxxxxxxxxx