Has anyone configured Windchill Apache with the mod_security module successfully?

Hi,

I am building a secure remote apache server located in a DMZ, which will be used to allow select external internet based customers/suppliers access to our (up to now) Internal Windchill System - there is hence a high requirement for security on such a system.

In order to protect the Windchill Application, I have installed and configured the mod_security module for apache that strips out various types of known attacks (its a web application firewall) and thus protects the Windchill Application from being attacked.

Unfortunately, the recommended mod_security rule set seems to be rather over-zealous in protecting the application, to the point that several of the Windchill pages do not render properly.

Has anyone configured mod_security to work with their Windchill Apache server, and if so, do they have a ruleset or advice that they would be willing to share?

Thanks in advance

Rgds

Gary