On Sun, Aug 22, 2010 at 7:02 AM, Morgan <firstname.lastname@example.org>
šObjective: The server multiple virtual hosts, Ext 2 and 3
local, how to configure mod_security running on external hosts,
Can you rephrase the question? Are you asking how to configure ModSecurity to proxy requests for external hosts?
and the question of whether to run mod with different rules for different
That really depends on the level of control you want over each virtual host. For example, if you write a virtual patch to fix a SQLi which only effects one of the virtual hosts, it obviously makes sense to only apply that patch to the vulnerable application. On the other hand, if you want to simplify maintenance and only want to apply generic protection via the CRS and you do not require fine grain control over the rules, applying the same rules to each virtual host makes sense.