Hello, I just installed mod_security2 and I have several problems. I enforce open_basedir on my server (Debian Testing) + have a list of disallowed php functions for every host (exec() and others), but I want to add extra layer of security. Unfortunately, the rules for mod_security2 seem to be quite an overkill (they may be powerful, but also time consuming and performance hog). So, my questions: What is the difference between mod_security and mod_security2? Most guides seem to mention mod_security (which has simple, reasonable rules, but is no longer developed). Are there any (big) security holes in mod_security? I wasn't able to find any comparison. Is there any other module with similar functionality? (No chroot/jail, it's unmaintainable). Are there any simple tests whether mod_security2 is working? I added rules from http://www.gotroot.com/mod_security+rules, which should prevent simple attacks like reading /etc/passwd, but even though it logged some false positives, mod_security2 didn't stop me from displaying this file (not did it log an attack). Maybe the rules didn't work, but they are several lines of regexp each, so it's impossible to check each of them - on contrary to simple rules of mod_security(1).