Re: [mod-security-users] Positive Security Model
From: Ivan R. <iva...@gm...> - 2006-05-25 20:04:36

On 5/25/06, Edy <em...@ed...> wrote:
> How is the performance of the Mod Security right now?

Under 1 msec per request running the Certified Rule Set (similar to
what's available for free) on modest hardware. On the same modest
hardware but installed on a reverse proxy it can achieve 1500 requests
per second with latency under 1 msec. You can achieve many times better
performance with more powerful hardware (e.g. T1000/T2000). I hope to do
a test with T1000 in the next couple of months.

> From the way I
> look at it right now it is based on rules which essentially is negative
> security.

It supports both models. But positive security rule sets are difficult
to write manually.

> I believe the chances of false positive is fairly high with
> this approach and performance could be a hit if we have a long list of
> rules.

Depends on the application...

> Also on the website, it stated that the modsecurity can be configured as
> stand alone WAF but I did not see any package/document which describe
> this process.

Just configure Apache to work as a reverse proxy and you're done.

-- 
Ivan Ristic, Technical Director
Thinking Stone, http://www.thinkingstone.com
ModSecurity: Open source Web Application Firewall