Rules

If you are using Pingdom, a service for monitoring web sites, you will need to whitelist the service's IP addresses for it to work with the core rule set. You can find rules to do so here.

The most common way to solve a compatibility issue between ModSecurity or one of its rule sets and an application is to disable ModSecurity. In ModSecurity 1.x this can be done in .htaccess, limiting it to the current directory, but in ModSecurity 2.x there is no such mechanism. Whether global or limited to a directory, such an exception is not advisable security-wise.

A better way is to create a finer exception that would disable specific rules or signatures only for a specific URL or parameter. This section collects such exceptions.

Rule Sets

To get effective security from ModSecurity you need rules, and I strongly recommend using the core rule set, though I do need to mention that I wrote it.