Okay, yes, modsecurity WAF is amazing and all, but... When one tries to implement its rules atop an existing app that wasn't developed in accordance to the rules... That hurts.

How tf am I supposed to parse and present a 6.5GB / 22M line audit log to the client?! Just parsing that monstrosity once takes *minutes*, let alone doing any sort of sorting / analysis!

I feel sick. This is exactly why I am a sysadmin and not a programmer, I don't like writing analysis stuff, or programs more complex than a few hundred lines of bash... :|

Not fair! How come Apache gets its modsecurity module pre-compiled and available in public repositories, but Nginx hides it behind a paywall of their "Plus" package/version?

Ugh... At least they provide the module's source, so one can compile and deploy it by himself...