Hey all, First time poster, I appreciate anyone's time to respond and help point me in the right direction. I apologize if I'm asking questions that are already answered, my knowledge in this arena is very limited, so I'm not sure of the terminology to search on just yet. I have a small e-commerce business venture that I and 2 partners are working hard to get off the ground. My role has usually been front-end web design, but I am quickly becoming our resident server manager - it's a role I'm quite unfamiliar with... I can usually poke around and figure out what I need to set or modify, but server security is proving to be a difficult learning curve. Enter Mod Security - with advice from our host provider (We're currently on a VPS, but planning to upgrade to fully-dedicated soon), we began looking at Mod Security to help keep the intruders at bay. Is there any books, documentation, guidelines, etc, that can help me learn & understand from a complete beginner standpoint, how to manage, modify, test and adjust as necessary the ins and outs of Mod Security? Are there any 'rules' that a person could comfortable use as a starting point, and not risk hosing the site? Thanks again in advance, I appreciate your time.