Hi

Some time ago i promised (thanks to christian folini for his request)

to publish on this list the WAFSEC 1.0 evaluation matrix for mod_security that I had made some time ago. It is here:

https://docs.google.com/document/d/1X_A2G0TMB9IHoZnnpnFBHz_yZ5gkykfL6mtuWMdjzCo/edit

 


My evaluation work is based on using mod_security, together with the REMO policy engine and the jwall audit console.


Comments are welcome. Moreover, if it might be worthwhile, I give right now to mod_security developers the rights to publish this the document, all or in part, on the project web site, eventually  integrated and corrected.

 

I hope this document could be useful to someone, and not so wrong in the content.

 

Best Regards


Elia