ModSecurity is a really powerful beast. It can do anything you want, at least when what you want concerns protecting your web applications. But you need to know how to tell it what you want, and this is not trivial at times. This is why I like the Core Rule Set; it is designed to provide as much security as possible without requiring the user to tell ModSecurity exactly what to do.
But many are stuck before they even reach this stage and can't get ModSecurity running. Luckily since many people run ModSecurity, someone will always know how to make ModSecurity run on your platform, whether it is Solaris on Sparc or a Mac, and you can find most of the on the ModSecurity mailing list. Just recently I found two nice write-ups about installing ModSecurity on different flavors of Linux which I though you will find useful:
- Speedy from Bellevue, Washington writes about installing ModSecurity, focusing on Fedora Core and RedHat Enterprise.
- Tedi from Jakarta, Indonesia writes about installing ModSecurity on OpenSUSE.
If you want to share your ModSecurity installation tips on a specific platform, just drop me a work and I will add it to this blog entry.