Atomicorp

Makes sense. Thanks! I'd bet some of those were Joomla specific exceptions, so I'm going to have to check and see if any of those sites are broken or partly broken...not a biggie So...I commented all those out but seeing this a lot in the windows application log: 1) ModSecurity: ipMatch Internal Err...

Yes, that's because IIS doesn't understand LocationMatch. Just comment those out. We'll be putting out an IIS specific ruleset shortly that doesnt include them. Thanks! is there a workaround? I'm more than a little concerned about potential security vulnerabilities arising from disabling those rule...

Modsecurity newbie here... I have installed modsecurity on iis 7.5 and got the default modescurity rules (including owasp crs ruleset) working. However they were too restrictive for a couple of Joomla sites. So the Atomicorp paid subscription version of the looked like the perfect solution so I sign...