Re: Rules database

Tom Anderson wrote:
 >
>>   It never took off. At the last minute I decided a repository
>>   of rules that worked only in mod_security was not the best
>>   way forward. Instead, I designed the portable web application
>>   firewall rule format http://www.modsecurity.org/projects/wasprotect/.
> 
> OMG, that looks horrible!

   :)

   It will look even worse when a layer of meta-data is added to it.

> Please don't make that the only accepted 
> format.

   ModSecurity will support both formats in version 2, so don't
   worry.

> Human readability is key.

   I agree.

> XML is good for sharing rules between systems, but not for human 
> maintained configs.

   Again, I agree. The new XML-based format was designed just for
   that purpose (sharing between systems), hence the added
   complexity.

--

-- 
Ivan Ristic
Apache Security (O'Reilly) - http://www.apachesecurity.net
Open source web application firewall - http://www.modsecurity.org

-------------------------------------------------------
SF email is sponsored by - The IT Product Guide
Read honest & candid reviews on hundreds of IT Products from real users.
Discover which products truly live up to the hype. Start reading now.
http://ads.osdn.com/?ad_id=6595&alloc_id=14396&op=click