I was looking to see what the ModSecurity DoS protection parameters are set to on the firewall, and I noticed that the tx.dos_counter_threshold variable is not set anywhere. This causes ModSecurity to ignore the DoS protection rule.
Is this because I'm supposed to only use the SYN/TCP/UDP flood settings for web server DoS protection?
Or am I supposed to add the necessary ModSecurity variables to /usr/apache/conf/waf/modsecurity.conf?
Will doing the above break any ToS/warranty/etc.. ?
This thread was automatically locked due to age.