1) Typically open source rules are updated along with new ModSecurity releases. There isn't really a need to update as frequently as an IDS since the scope of detection requirements for a WAF is much smaller.
2) Spent time looking at the rules to get a feel for the format and the purpose and then buy The Web Application Defender's Cookbook - http://www.amazon.com/Web-Application-Defenders-Cookbook-Protecting/dp/1118362187/ref=sr_1_2?ie=UTF8&qid=1436880245&sr=8-2&keywords=web+application+cookbook https://github.com/SpiderLabs/ModSecurity/wiki/Reference-Manual http://www.atomicorp.com/wiki/index.php/Mod_security 3) Don't know about this. I use a proprietary application. On Tue, Jul 14, 2015 at 7:49 AM Rishi nand <aadimanavt...@gmail.com> wrote: > Hi There > > I am new to modsecurity and want to try in our organization, but came > across few doubts. I will be glad if any body can clear them > > 1. OWASP modsecurity CRS : are these rules update daily (like snort rules, > If so how to update). or how often they will update, In that case how to > update them. > 2. if i want to write my own custom rules how can i proceed :- where to > create file and in which directory, Can i write all the rules in one file > or a separate rule for each file > 3. any recommended UI for modsecurity > > Thanks in advance > > > -- > Cheer's > > Nand > _______________________________________________ > Owasp-modsecurity-core-rule-set mailing list > Owasp-modsecurity-core-rule-set@lists.owasp.org > https://lists.owasp.org/mailman/listinfo/owasp-modsecurity-core-rule-set >
_______________________________________________ Owasp-modsecurity-core-rule-set mailing list Owasp-modsecurity-core-rule-set@lists.owasp.org https://lists.owasp.org/mailman/listinfo/owasp-modsecurity-core-rule-set
