Web Server Security ModSecurity rules used by Web Server Security

UTM Firewall requires membership for participation - click to join

Thread Info

State Not Answered
Locked Locked
Replies 1 reply
Subscribers 1 subscriber
Views 3617 views
Users 0 members are here

Options

Suggested

This discussion has been locked.

You can no longer post new replies to this discussion. If you have a question you can start a new discussion

ModSecurity rules used by Web Server Security

JBooks over 9 years ago

Does the Sophos UTM use commercial ModSecurity rules like Trustwave SpiderLabs, Atomicorp, or other? Or are they custom created by Sophos?

This thread was automatically locked due to age.

0 Scott_Klassen over 9 years ago

Does the Sophos UTM use commercial ModSecurity rules like Trustwave SpiderLabs, Atomicorp, or other? Or are they custom created by Sophos?
Neither. UTM uses free base set from owasp. The costing for commercial sets makes them unuseable with the Sophos licensing model and Sophos does not create their own custom rules, they only disable some individual rules that are known to cause issues.

__________________
ACE v8/SCA v9.3

...still have a v5 install disk in a box somewhere.

http://xkcd.com
http://www.tedgoff.com/mb
http://www.projectcartoon.com/cartoon/1
Cancel
Vote Up 0 Vote Down

Cancel