Apache mod security

I have been working on a web proxy lately to put all of our production web servers behind. My part was to find an ids to integrate into the proxy. I found mod_security for apache. It is pretty sweet. Like any ids it has a bunch of rule sets like sql injection, xss, xst, command injection, etc... that it looks and it either logs the request, stops the request, or redirects the request. It is a pretty sweet project and so far it has worked well for us. it is best to only log requests at first or else the ids may stop legitimate traffic based on false positives.