Re: [mod-security-users] ModSecurity v3

SourceForge Headquarters 1320 Columbia Street Suite 310 San Diego, CA 92101 +1 (858) 422-6466

Hey Michael,

A lot of people use ModSec3 successfully in production and the developers have
it labelled as production ready for NGINX for several years.

Personally, I see that ModSec3 is not passing the entire test suite for CRS
(2-3% of tests are failing) and I am not satisfied with the performance.

Also: ModSec 2.9.x on Apache is still the reference implementation for CRS.

Hope this helps to put everything in perspective.

Best,

Christian

On Thu, Sep 30, 2021 at 12:47:10PM +0000, Michael Woods via mod-security-users wrote:
> Hi Everyone,Is version 3 of ModSecurity now production ready? It's not clear from the Github page.RegardsMike

> _______________________________________________
> mod-security-users mailing list
> mod...@li...
> https://lists.sourceforge.net/lists/listinfo/mod-security-users
> Commercial ModSecurity Rules and Support from Trustwave's SpiderLabs:
> http://www.modsecurity.org/projects/commercial/rules/
> http://www.modsecurity.org/projects/commercial/support/