One more note I should have included – in order to make this process sane, we will assume that no email responses means you are in agreement. Speak up if you feel as though the recommended configuration setting is not the best and why.
Cheers,
Ryan

From: Ryan Barnett <[email protected]>
Date: Fri, 1 Apr 2011 10:28:24 -0500
To: "[email protected]" <[email protected]>
Cc: "[email protected]" <[email protected]>
Subject: A Recommended Base Configuration

Greetings everyone,

There have been a number of past email threads discussing the need for a recommended "base configuration" for ModSecurity configuration directives. These are settings that the local Admin uses to control the overall settings of ModSecurity (rule and audit engine, log file locations, whether to inspect request/response bodies, etc…). These are configurations that should not be included within 3rd party rule sets (such as the OWASP ModSecurity CRS).

We have taken the main.conf file recommended by Ivan Ristic in this thread (https://lists.owasp.org/pipermail/owasp-modsecurity-core-rule-set/2009-August/000052.html) and added it to the Reference Manual Wiki - https://sourceforge.net/apps/mediawiki/mod-security/index.php?title=Reference_Manual#A_Recommended_Base_Configuration

In order to have easier tracking, I will be sending out individual emails with the directive name in the subject line so that we can openly discuss what the community believes should be the recommended initial configuration. Based on the results, we will update the wiki and include this file within the upcoming ModSecurity 2.6 release.

Thanks,
Ryan
