mod_security rules

january 21, 2006

There are some nice rules that you can find at GotRoot, they are simple drop in files that help enhance mod_security.  Of course, you'll want to watch your mod_security audit_log to see that they all are to your liking.  For instance, I had to remove a "ultram" HTTP_REFERRER reference from the blacklist.conf file (and you can also) since that blocks intersite clicking on ultramookie.com.  Anyways, there are a gazillion rules there, good exploring!