4 reasons not to use mod_security
mod_security provides many options for validating URLs, URIs, and application data. You are, essentially, implementing a custom web application firewall using configuration directives.
If you're on this path then you probably agree that a web application firewall is a good thing, so why would I caution against using mod_security? Read on to find out.
[ Read more ]