Difference between modsec-2.7-free-latest and modsec-version

Community support forums for the free/delayed modsecurity rules feed. There is no such thing as a bad question here as long as it pertains to using the delayed modsecurity rules feed. Newbies feel free to get help getting started or asking questions that may be obvious.
New Forum User
New Forum User
Posts: 1
Joined: Sun Aug 04, 2013 5:35 pm
Location: Minneapolis, MN

Difference between modsec-2.7-free-latest and modsec-version

Unread post by fahnoe »

First, thanks for making your RPMs available and the very thorough documentation on your site.

I'm just getting my feet wet with mod_security and after some digging I'm puzzled about the delayed rules, specifically the difference between the "free-latest" vs the one referenced by WAF_DELAYED_VERSION in the VERSION file. Example:


The FAQ section "Why do you use a VERSION file method?" indicates you want people to use the one referenced by WAF_DELAYED_VERSION I think, but what is the difference between the two?

I started with DetectionOnly and the free-latest, and after some tests have switched SecRuleEngine On. I'm wondering if I should stick with the "free-latest" or revert to the older rules in the other file. I'm using mod_security 2.7.5 and intending to protect a small wordpress site.

Atomicorp Staff - Site Admin
Atomicorp Staff - Site Admin
Posts: 8338
Joined: Wed Dec 31, 1969 8:00 pm
Location: earth

Re: Difference between modsec-2.7-free-latest and modsec-ver

Unread post by scott »

The modsec-2.7-free-latest.tar.bz2 set is a delayed subset of the rules available in ASL or a real-time feed.
Post Reply