4 reasons not to use mod-security

Apache is a great web server if for no other reason than it offers more flexibility through modules than just about any other web server. You can plug-in all sorts of modules to enhance the functiona...
Published Jul 23, 2008
Version 1.0
apache
application security
BIG-IP
firewall
http
internet
security

Was this article helpful?

Lori_MacVittie's avatar
Lori_MacVittie
Icon for Employee rankEmployee
Jul 23, 2008
As a follow up, I also suggest reading through the recommended requirements for qualifying as an acceptable WAF solution for PCI DSS:

 

 

PCI DSS 6.6 Clarification

 

 

I do not believe Apache mod_security meets all of these guidelines.