CentOS - Apr 2005 - OT mod_security

Hi guys,

I've planning out my upgrade to CentOS4 and one of my plans for security 
is to impliment the mod_security apache module to filter out unwanted 
malicious intent.

Not having used it before, I wanted to see if anyone here has 
implimented it and did it block any legit traffic or cause resource 
traffic/serious slowdowns of their systems?

I've asked on the forum about secure virtual hosting and have considered 
many options but what I have decided on is a combination of vsftp/TLS to 
chroot users and mod_security to reduce the risk of outside intrusion 
attempts via HTTP.

Is mod_security available as a package on CentOS4/RHEL4 ? I found 
packages for 3 but thus far none for 4.

many thanks

rgds

Franki

i'm also interested with mod_security too anyone implemented this in centos
4?

On 4/15/05, Franki <franki at htmlfixit.com>
wrote:
> Hi guys,
> 
> I've planning out my upgrade to CentOS4 and one of my plans for
security
> is to impliment the mod_security apache module to filter out unwanted
> malicious intent.
> 
> Not having used it before, I wanted to see if anyone here has
> implimented it and did it block any legit traffic or cause resource
> traffic/serious slowdowns of their systems?
> 
> I've asked on the forum about secure virtual hosting and have
considered
> many options but what I have decided on is a combination of vsftp/TLS to
> chroot users and mod_security to reduce the risk of outside intrusion
> attempts via HTTP.
> 
> Is mod_security available as a package on CentOS4/RHEL4 ? I found
> packages for 3 but thus far none for 4.
> 
> many thanks
> 
> rgds
> 
> Franki
> _______________________________________________
> CentOS mailing list
> CentOS at centos.org
> http://lists.centos.org/mailman/listinfo/centos
> 

-- 
Regards,
Mark Quitoriano, CCNA
http://www.atamanetworks.com