Phil,
ModSecurity can help address comment SPAM on a number of fronts -
1) The soon-to-be-released version of the Core Rule set
(http://www.modsecurity.org/projects/rules/index.html) will include some
basic rules around identify comment SPAM.
2) You could use the @rbl operator in ModSecurity 2 to
You are correct, the install instructions have changed for Mod 2.x. We
address this issue in the documentation and in the FAQ -
http://www.modsecurity.org/documentation/faq.html#d0e224
Additionally, you should probably sign up for the Mod mail-list and ask
questions there -
http://www.modsecurit
Yep, modsecurity's audit_log can capture full request bodies if you desire and
this would include the filename data from the multipart-form-data upload
sections.
You could also optionally intercept and make copies of uploaded files to store
them locally.
Thanks,
Ryan C. Barnett
- Origina
> -Original Message-
> From: Dragon [mailto:[EMAIL PROTECTED]
> Sent: Tuesday, November 06, 2007 3:52 PM
> To: users@httpd.apache.org
> Subject: Re: [EMAIL PROTECTED] Center for Internet Security's Apache
Benchmark
> Project Update
>
[Ryan Barnett] There are
> -Original Message-
> From: Nick Kew [mailto:[EMAIL PROTECTED]
> Sent: Tuesday, November 06, 2007 11:10 AM
> To: users@httpd.apache.org
> Subject: Re: [EMAIL PROTECTED] Center for Internet Security's Apache
Benchmark
> Project Update
>
> On Tue, 6 Nov 2007 1
Greetings everyone,
I am leading the CIS Apache Benchmark Project
(http://www.cisecurity.org/bench_apache.html) and we are in the final
stages of an updated revision. We are seeking feedback from Apache
users to get a consensus on the new recommended settings. If you would
be willing to particip
