4 reasons not to use mod-security
Apache is a great web server if for no other reason than it offers more flexibility through modules than just about any other web server. You can plug-in all sorts of modules to enhance the functiona...
Published Jul 23, 2008
Version 1.0Lori_MacVittie
Employee
Joined October 17, 2006
Lori_MacVittie
Employee
Joined October 17, 2006
Lori_MacVittie
Jul 23, 2008Employee
As a follow up, I also suggest reading through the recommended requirements for qualifying as an acceptable WAF solution for PCI DSS:
PCI DSS 6.6 Clarification
I do not believe Apache mod_security meets all of these guidelines.