Some time ago i promised (thanks to christian folini for his request)
to publish on this list the WAFSEC 1.0 evaluation matrix for mod_security
that I had made some time ago. It is here:
My evaluation work is based on using mod_security, together with the REMO
policy engine and the jwall audit console.
Comments are welcome. Moreover, if it might be worthwhile, I give right now to
mod_security developers the rights to publish this the document, all or in
part, on the project web site, eventually integrated and corrected.
I hope this document could be useful to someone, and not so wrong in the