[Modsecurity] Formmail
Rob Shakir
rob at catalyst2.net
Wed Apr 5 19:31:03 EDT 2006
Mike Cardwell wrote:
> I was kind of selfishly hoping that the rules would meet my requirements
> so I wouldn't have to maintain the list myself. Stepping back and
> looking at the situation though, I suppose the rules are more geared
> towards sites that contain content you're aware of, rather than in a
> mass hosting environment where you've no idea what's being run.
I run the rules in a shared hosting environment - we don't know what's
being run on the boxes at all, and certainly don't audit each customer's
site contents in order to ensure that it's secure.

I find the best way to maintain the rules is to just generate patches
between versions, and patch your set of rules with the updates. To be
honest, there are very few changes that we actually make - but this
method means that if there are changes I'd like to make, I don't have to
change my workflow.

Also, keeping your rule set in an svn or cvs repository means it's
really easy to distribute between machines, and roll back if necessary.

Whilst in a perfect world - the rules would fit everyone's requirements
- it's just not going to happen, but you can make your workflow
accommodate this fairly easily.

Rob

--
Rob Shakir - <rob at catalyst2.net>
Technical Manager - Catalyst2 Services Ltd.
PGP Key ID: 0xC07E6DEB / RIPE: RJS-RIPE
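
The patch-between-versions workflow described in the message above, as an added example (not part of the original post and not ModSecurity tooling): the upstream delta between two rule releases is applied to a locally edited copy, and the live rules are left untouched if a hunk collides with a local change. The directory names, file name and rule patterns are constructed for illustration.

```shell
#!/bin/sh
# update_rules PARENT OLD NEW LOCAL
#   OLD and NEW are upstream release directories inside PARENT,
#   LOCAL is the locally modified rule set (ideally a svn/cvs working copy).
# Returns 0 on success or no upstream change, 1 on conflict, 2 on error.
update_rules() {
    parent=$1; old=$2; new=$3; local_dir=$4
    delta=$(mktemp) || return 2
    rc=0
    # Unified diff between the two upstream releases. diff exits 1 when the
    # trees differ, which is the expected case; above 1 is a real error.
    (cd "$parent" || exit 2; diff -urN "$old" "$new") > "$delta" || rc=$?
    if [ "$rc" -gt 1 ]; then rm -f "$delta"; return 2; fi
    if [ "$rc" -eq 0 ]; then rm -f "$delta"; return 0; fi
    # Dry run first: if any hunk collides with a local edit, stop before
    # touching the live rules so the change can be merged by hand.
    if ! patch -d "$local_dir" -p1 -f -s --dry-run < "$delta" >/dev/null 2>&1; then
        rm -f "$delta"; return 1
    fi
    rc=0
    patch -d "$local_dir" -p1 -f -s < "$delta" >/dev/null || rc=$?
    rm -f "$delta"
    # Commit LOCAL afterwards so the update can be rolled back if needed.
    return "$rc"
}

# Constructed sample: two upstream releases plus a local copy of the older
# one in which one rule has been disabled for this host.
make_sample() {
    d=$1
    mkdir -p "$d/rules-1.0" "$d/rules-1.1" "$d/local"
    printf 'SecFilter "pattern-%s"\n' a b c d e f g h > "$d/rules-1.0/base.conf"
    cp "$d/rules-1.0/base.conf" "$d/rules-1.1/base.conf"
    # Upstream 1.1 appends one new rule.
    printf 'SecFilter "pattern-%s"\n' i >> "$d/rules-1.1/base.conf"
    sed 's/^SecFilter "pattern-a"/# disabled locally: &/' \
        "$d/rules-1.0/base.conf" > "$d/local/base.conf"
}
```

A return value of 1 means the upstream change overlaps a local edit; the local rules are unchanged at that point and the delta needs a manual merge.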