I recently upgraded the modsecurity 2.something to the latest version.
But these two rulesets are giving me much headache:
For example, a plain HTML web site, but the JPG files are oddly named:
Dumps over a page of "Messages:" in the audit file, talking about
probably a dozen rules or so that are broken.
The following dynamic site, is likewise:
... belches pages and pages of code, even at debug level 3.
The web server has over 300 hostings - Joomla, PhpNuke, Wordpress,
homebrew, and plain HTML.
I spent two days editing out the core rules, but finally had to give up
on the "phpids" rulesets altogether.
Was there an easier way?