Summary
In this chapter we looked at Remo, a web application for creating and editing ModSecurity rules. We learned how Remo can be used to apply a positive security model to a web application, meaning that we specify exactly what is allowed and deny everything else. This is a more secure approach than a negative security model, which blocks only traffic that has been explicitly defined as malicious. After this we looked at the Remo interface and how to use it. Finally, we saw how to use the log file area in Remo to debug failed requests, and how to tweak the Remo configuration, for example to add new standard data values.
In the next chapter we will be applying the positive security model to lock down a web discussion forum.