Scenario:
- ModSecurity with a "default" or "generic" configuration (like the one that might be provided by shared hosting providers, for example).
- Generic web application (custom, uncommon, or unknown), for which specific rules are not provided by ModSecurity.
How useful is ModSecurity in this situation? What percentage of attacks is it going to prevent? What kind of attacks?
Reason for asking this question: there is a web application that, to avoid issues with ModSecurity default rules, suggests to disable it for this specific application if it is causing any trouble. That doesn't sound like great advice to me, however I'm not sure if the default ModSecurity configuration is actually significantly more useful than having no ModSecurity at all (disabled).