Web Server Security ModSecurity rules used by Web Server Security

UTM Firewall requires membership for participation - click to join

This discussion has been locked.

You can no longer post new replies to this discussion. If you have a question you can start a new discussion

ModSecurity rules used by Web Server Security

JBooks over 10 years ago

Does the Sophos UTM use commercial ModSecurity rules like Trustwave SpiderLabs, Atomicorp, or other? Or are they custom created by Sophos?

This thread was automatically locked due to age.

0 Scott_Klassen over 10 years ago

Does the Sophos UTM use commercial ModSecurity rules like Trustwave SpiderLabs, Atomicorp, or other? Or are they custom created by Sophos?
Neither. UTM uses free base set from owasp. The costing for commercial sets makes them unuseable with the Sophos licensing model and Sophos does not create their own custom rules, they only disable some individual rules that are known to cause issues.

__________________
ACE v8/SCA v9.3

...still have a v5 install disk in a box somewhere.

http://xkcd.com
http://www.tedgoff.com/mb
http://www.projectcartoon.com/cartoon/1