One point of clarification - Ivan is not the ModSecurity project lead, I am. He is the original author but has not contributed to the project for years.  Ivan is working on another WAF project called IronBee which is sponsored by Qualys. 

All that being said - I agree, the ModSecurity Handbook is essential reading.  Ivan did a great job with it. 

Ryan Barnett

Lead Security Researcher, SpiderLabs

 

Trustwave | SMART SECURITY ON DEMAND

www.trustwave.com


On Mar 12, 2014, at 4:58 AM, "Ramy Darwish" <jackbro.pluckah@gmail.com> wrote:

Hi there,

Have you used the ModSecurity Handbook? It's written by Ivan Ristic, the
ModSecurity Project Lead. It's very clear and thorough documentation
that takes you from the ground up.
I bought it a short while ago and can't recommend it enough.

https://www.feistyduck.com/books/modsecurity-handbook/

Ramy

Greetings,

I am looking for any documentation in regard to mod_security rule writing (SecRule) best practices.

If there is no documentation of this specifically, then any input or direction would be terrific.

For example, using the default-deny ruleset is highly recommended.
Or, rules that involve too big of a wildcard Regex should be avoided.

Any thoughts, comments, concerns and/or things that should be included in such a best practices document would be greatly appreciated.

Thanks in advance!
Christopher



_______________________________________________
mod-security-users mailing list
mod-security-users@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/mod-security-users
Commercial ModSecurity Rules and Support from Trustwave's SpiderLabs:
http://www.modsecurity.org/projects/commercial/rules/
http://www.modsecurity.org/projects/commercial/support/

