Analyst Journal @ 22 Apr 2009 05:02 pm by ayoi
My friend’s gave a presentation on the mod_security usage last few weeks to a group of users from the government. In his presentation he gave a demo on how mod_security managed to prevent “blind sql injection” attacks on the application run on mod_security enabled web engine. He even received a thunderous applaud from the audience once he concluded his presentation. However one of the attendees asked one good question afterward.
“My friend said you do not need to installed any WAF (web application firewall). All you need to do is fine tune the firewall filtering policies and that’s it.”
