how i can to mix the modsecurity rules and gotroot rules?
can i put it into the same directory? in this case, how is the order? first modsecurity rules and last gotroot rules?
or if i must put it into a different directories, witch of them i run in the first time modsecurity or gotroot rules?
The OWASP ModSecurity CRS and the GotRoot ASL rules are actually "rule sets" and have different design philosophies. Specifically, the CRS has the ability to run in an anomaly scoring/collaborative mode -
The GotRoot rules work more like a traditional IPS mode where the rules are self contained.
I do agree, however, that there should be a path for running both at the same time. I will look into this issue.
hello, so I hope you say me something on this forum for how to configure both rule sets.