Redistributable mod_security rules
I've been working the past few days on improving our general shared
hosting environment. After adding many rules in postfix to deny all
sorts of trouble sources, added some DoS firewall rules for all daemons
(mainly doing rate limiting stuffs), I want to protect the web content
of my customers against the common attacks. For that, mod_security is
one of the obvious solutions.
I have implemented already the "core rules sets" of mod_security. These
are quite nice already, but I am not really satisfied yet.
I was wondering if somebody had seen somewhere the equivalent of the set
of rules seen on gotroot.com. BUT, with the very important exception
that I need some DFSG-free. I'd appreciate a lot some pointers here.
What I'm searching for is rules for ugly web apps, that are often
targets of attacks, like phpBB, Joomla, and others. I need things to
prevent injections of content, in mysql, or even spam holes.
Also, I'd appreciate some returns on experience that you guys might
have, in a hostile shared hosting environment with non-aware of security
customers, and in particular (but not only) with mod_security. How does
the "core rules sets" is behaving? Anything bad to report?