“I'm very new to ModSecurity and I found the guide to be very useful as a beginner. The books pacing is very good, starting with basics, not assuming the reader to be an expert and slowly going to great depths and advanced levels.
“I used this book to build a FIPS 140-2 WAF with ModSecurity and Nginx. This book greatly accelerated the development of my abilities with ModSecurity. Worth the money all day.
“This book is a must have for anyone tasked with protecting web apps with ModSecurity. While there are many tutorials and various hints and tricks scattered throught the internet, this book will take you from a complete beginner to ModSecurity ninja level status by the time you're done.
“I learnt some new tips, even after 15 years using ModSecurity!
“Complete and authoritative
“Anyone who has used, or attempted to use, ModSecurity web application firewall on their own knows how time consuming—and frustrating—it can be. This book serves as a brotherly guide to installing, configuring and running ModSecurity effectively with less pain.
“Finally, there is a concise overview of ModSecurity from the main developer of the module. The official documentation of ModSecurity falls short in the rule writing area. And this is where this book excels.
“As the Sr. Product Manager of a service provider that is leveraging ModSecurity for its WAF solution, I advise that if you are at all serious about deploying ModSecurity, then this book is you should own.
“This book is now my first reference point for any queries regarding ModSecurity configuration, optimization and rule writing. Over the years, there are many tips and useful information scattered through blogs and mailing lists, but it's good to have the best of those pulled together into a single reference document.
“All you need to harden your web presence with ModSecurity is at your fingertips with the ModSecurity Handbook.
“I'm a penetration tester and regularly come in contact with WAF's, including ModSecurity. This book has all necessary information not only to setup ModSecurity as a defender, but also provides a deep dive into the ruleset and how it works.
“This is a nerdy reference book.