
1 Jun 25, 2013 07:15    

Ah, my turn to ask for support ;)

Our server gets hammered with attacks again and again. It's good because it forces us to keep b2evolution on the cutting edge of secure. But at the same time there may be vulnerabilities outside the scope of b2evolution (Apache, MySQL, PHP upload...), not to mention the wasted resources on responding to bots that scan the site like there's no tomorrow...

I am thinking of making use of mod_security. I actually made a test with the OWASP core basic rules and it logs tons of false positives with b2evolution...

I was wondering if someone has experience with crafting a mod_security ruleset that lets b2evolution do its job and still provide some added security.

I am particularly interested in detecting/blocking robots that scan the site for vulnerabilities like crazy.

Thanks.

