I’m just wondering what are the best rules that we can use in ModSecurity, not so agressive and not so soft. Also allow Google Bots and other things that may needed…
I see that the default one which CP is coming is :
SecRule ARGS “../” “t:normalisePathWin,id:99999,severity:4,msg:‘Drive Access’ ,log,auditlog,deny”,
But we can’t even save that since there is a small bug which is not allowing to save that… But still i don’t know if this is the best way for rules.
4 - Mod Security Rules Packages
did you not know about the rules pack i linked above ? comes shipped with owasp rules pack.
noted, but better use rules pack.
You won’t be able to write rules on your own.
did you put the last , there by mistake or was it there ?
It was there that’s why i asked, should i remove and click save?
Yes but it should not be there.
Can you upgrade to v2.3.5-dev and see? as I pushed a commit.
I am very affraid to do that because it may break things and i’m in a production server. But i can do if there is no risk if something go bad to revert back as it is at the moment?
Unfortunately i can’t even do server snapshots because dedicated server doesn’t have any option to do that and the only backups that i have is websites. But if somethings messed up i need more than 1 day to make things as they are 
But i said, if there is any way to revert if something bad happens while upgrading just tell me and i am happy to test it.
Note, i manually deleted the , at the end so i can’t put it back though and to test the last commit
,
Alright, you can wait for its official release no problem.
