Master thesis topic - mod_security
Is there any research to be done that could use mod_security?
There's some sentiment out there that tools like mod_security don't actually increase security at all. Sure, they do "block" common vectors, so they are not useless. But the thing is, the only way to secure code is to make the code secure. Everything else is just a band-aid. That's not to say they are not useful as an extra line of defense. The best defense is multi-layered. But my point is that mod_security is not securing any websites. It's just plugging common holes (which are more than likely not present)... There's a fine line in there, but it's a line that has to be drawn...
As far as how to make it more research-like, I would simply do your homework. Go out and look at real world attacks and attack vectors. Look at the common themes. If you don't understand how the attacks are happening in the first place, how can you possibly hope to build a tool or create rules to defend against them?!?!?
But that's just my $0.02...