Nice article on better securing your public web presence. Does this article help you? We would love to hear from you whether this is the type of article you like to see on this site. Using ModSecurity is not easy. The complexity of your site, your use of PHP, MySQL and other scripting languages will make it more difficult to configure correctly. Basically, the more complex your site, the more time you will need to work out issues with rules. This tutorial will provide you with several important tips to get started with ModSecurity.

Tip #1: Develop A Basic Understanding of ModSecurity
Go to the modsecurity.org website, download and read the documentation. Once that is done you need to know how to find a policy number.

1. Locate a Policy
The rules will be located in the directory you create, probably named modsecurity, and in that directory will be a list of rules. These Core Rules provide generic protection from many unknown vulnerabilities. You will not want to modify the Core Rules, except to turn them on, as when you update you will erase your settings. There are two files that have been created to create custom rules. The first is the modsecurity_crs_15_customrules.conf which lists rules that have been tested for your site and are working effectively. The second is a bailout ruleset, in other words, if you cannot get something to work you can place it in the modsecurity_crs_65_temporary.conf until you can get it fixed. For example, if you need to run ModSecurity but cannot get a specific rule to work you can disable it in this file until you can get it working.

The link for this article located at BeginLinux is no longer available.