
07/24/2008

Interesting DevCentral Post

There is an interesting post over on F5's DevCentral site regarding 4 reasons to not use mod_security (aka ModSecurity)--interesting not only for the content within the article but also because of the reactions from a (current?) member of the modsecurity team. As I had not heard of modsecurity before, this post has the added benefit of introducing me to modsecurity, which F5 probably did not intend...

Now the modsecurity folks and some others are viewing the article as an F5 "bash" of ModSecurity and the F5 folks are saying they aren't "bashing" modsecurity. From my perspective, one vendor listing 4 reasons why you shouldn't use a competitor's product is called "Marketing" and the open source community needs to be a bit less dramatic about what a competing product or project writes up about your product/project.

One point that both agree on is that you don't need to be a security expert or protocol expert to use their respective products, but I'm not sure that I'm all that comfortable with the "set it and forget it" philosophy for application security-related products. You may not necessarily need to be an "expert", but you should still have some kind of understanding of HTTP so you can scare up some kind of plausible reason why your site's down in whole or in part due to the loading of some rule. Your bosses certainly aren't going to ask F5 or ModSecurity first.
