Remo rules
Remo does not interfere with your already installed ModSecurity rules—instead, the ModSecurity ruleset is generated for you at the click of a button, and will need to be installed in the proper location on the server. You enter all the requests that you want to protect and they will show up in the right-hand pane. When you are ready to generate the ruleset, you click the image labeled generate, and your browser will download a complete ModSecurity ruleset that has been generated by Remo. We will now see how to make Remo aware of a page in a web application and how to generate and install the resulting ruleset.
Creating and editing rules
To see how Remo works we will create a simple page called register.jsp, which takes three parameters: username, password, and form_id. In our version, this page will simply print out the parameters passed to it, but in a real-world environment this could be a registration page for a forum, members only area, or similar.
We will use Remo to add...
