Hi, Does anyone have any experience of using mod_security for PCI compliance (where you've self tuned it, rather than using a Breach supplied rule set)? Apparently Breach won't sell me commercial support or any pre-canned rule sets as I'm not in the US (I'm assuming they still do there, though I can find nothing on their web site about anything other than commercial appliances). Seems a shame as mod_security looks like a good and respected module, but without at least support and preferably the pre-written / starting point for the PCI rules I may have to look around for other products (certainly if it's a choice of commercial appliances using mod_security or other commercial appliances that would also meet PCI requirements then I'll need to open it up fully). Or does anyone know of any other companies that are providing commercial support for mod_security now that Breach appear to be winding theirs down? Any help/advice people can give on this is appreciated. Cheers,Laurie Calverley
Be a Hero and Win with Iron Man
Get latest updates about Open Source Projects, Conferences and News.