Rules Confusion

[jec6jec6]

I have a question regarding the ASL rules and the modsecurity core ruleset that is currently available.
1. Do I need to use the core ruleset and ontop of that add the ASL rules
2. If not Does the ASL rules cover all the things contained in the core ruleset?

Thanks

[faris]

The ASL rules completely replace the Core ruleset and IMHO are an order of magnitude more wide ranging.

I'll let Scott or Mike comment officially though

Faris.

[mikeshinn]

Our intention is for our rules to be all inclusive. You'll find that our rules also cover many areas that the core rules do not, such as antispam, hidden text attacks, Just In Time Patching, malware and spam blacklisting and other features. So its actually the other way around, the core rules do not cover everything and you do not need the core rules with our rules. They stand alone. If you want to use other rules, please feel free to do so (we just dont support other peoples rules, although feel free to post about them on our forums, we'll help if we can)

Our rules are also designed to work out of the box with as little expertise or tuning necessary. The core rules require tuning before you should turn them on to block attacks. So if you want rules that will stop the attacks and require as little work on your part as possible, use our rules. We're cyber security experts but we also understand hosting (Scott and I are Plesk founders) - so we know you need a product that just works - and everything we make is based on the philosophy that Security is for Everyone. We don't expect you to be an expert - thats what you pay us for - and if we can't make it work for you thats our fault and we will fix it. Security and Convenience, all in one package.

Hope that answers your questions.