I set up mod_security, a web firewall for Apache, to deal with comment and trackback spam on my server. This isn’t a complete guide to mod_security, just the information I wish I had when I started.
I’m using mod_security because my server has lots of different blogging tools installed, and there’s no way to centrally protect them all. This won’t take care of all comment or trackback spam, but I’m hoping it will greatly reduce the amount we get. Also, I’m expecting mod_security to be faster than other tools since it stays in memory and doesn’t hit the database.