ModSecurity Core Rule Set project
1–30 of 64
Welcome to the OWASP Core Rule Set (CRS) project mailing list. Feel free to ask support and general questions about the projects or associated issues and we will do our best to support you.
- CRS Project Leads
Jakub Kuchar
,
Christian Folini
2
8:04 AM
Newbie question how to deal with WYSIWYG editors
Hey Jakub, On Wed, Feb 01, 2023 at 01:13:36AM -0800, Jakub Kuchar wrote: > running on OWASP
Blason R
,
Andrew Howe
3
Jan 4
Can I implement CRS like this? Please suggest on my topology
Thank for your valuable suggestion. And yes the HA matters the most but I was thinking from cloud
stevek
,
Christian Folini
2
Jan 4
Blocking POST requests with payload
Hey Steve, On Tue, Jan 03, 2023 at 12:41:00PM -0500, stevek wrote: > Is it possible to block this
Blason R
,
Andrew Howe
9
Jan 3
Am I missing anything here?
Well - Thanks again. This will not work with my setup since I am serving around 15 portals on my
Blason R
,
Christian Folini
2
12/13/22
Has any one test this bypass against CRS
Hey, hey, Yes, we did check and continuing to discuss it in the #coreruleset channel on the OWASP
s
12/12/22
team82 WAF bypass abusing JSON...
Hi Just came across https://claroty.com/team82/research/js-on-security-off-abusing-json-based-sql-to-
Blason R
, …
Achim
3
11/15/22
WAF with CDN
On 15.11.22 at 07:20, Blason R wrote: > Hi Team, > > > This may sound of the forum but I
Blason R
,
Walter Hop
3
11/7/22
DOS Rules : TX:STATIC_EXTENSIONS
> I am trying to set DOS in Modsecurity CRS 3.3.2 and stumbled upon TX:STATIC_EXTENSIONS. How does
Blason R
,
Ervin Hegedüs
5
11/6/22
How do I update the rules?
That sounds good and thanks for the clarification. On Sat, Nov 5, 2022 at 5:23 PM Ervin Hegedüs <
Blason R
,
Andrew Howe
3
11/3/22
Base64 encoding is not getting detected
Thank you for the clarification and appreciate it. On Wed, Nov 2, 2022, 16:51 Andrew Howe <
Jay Kelner
,
Franziska Buehler
2
10/27/22
modsecurity-crs performance benchmarks
Hi Jay, Thank you for your interesting question. I'm not aware of any performance testing we'
AW
,
Ervin Hegedüs
2
10/19/22
Rule 942100 - filter by libinjection fingerprints
Hi AW, On Wed, Oct 19, 2022 at 02:31:32AM -0700, AW wrote: > Hi, > > i am using mod_sec and
Blason R
,
Franziska Buehler
3
8/7/22
Use only Malicious country Rule
Thanks for the reply team - On Sun, Aug 7, 2022, 18:38 Franziska Buehler <franziska.buehler@owasp.
边明凯
,
azurit
2
6/13/22
Is there any way to identiy which pattern to trigger the owasp crs rule ?
Hi, you can find all information in the web server error logs - what web server are you running? Also
林小柔
,
Felipe Zipitria
2
5/29/22
Is the rule of CSRF contained in OWASP CRS 3.2.0 version?
The rule was present in early versions but since mostly all web frameworks have caught up and it
Walter Hop
4/28/22
Core Rule Set v4.0.0 Release Candidate 1 available
The OWASP ModSecurity Core Rule Set team is proud to announce the Release Candidate 1 for the
成会明
,
Ervin Hegedüs
3
2/22/22
coreruleset test not works as expected.
Hi, can you show your "modsec3-nginx" file content? Regards, a. On Tue, Feb 22, 2022 at 8:
Phan Thanh Bình
,
Andrew Howe
4
1/14/22
Quote in file name violates SecRule FILES_NAMES|FILES
Hi, > I remember I already tried with latest, still same as there is no diff actually. To be clear
Phan Thanh Bình
,
Ervin Hegedüs
13
1/12/22
Why MULTIPART_STRICT_ERROR does not include REQBODY_PROCESSOR_ERROR as specification?
Hi, On Wed, Jan 12, 2022 at 03:41:41AM -0800, Phan Thanh Bình wrote: > Regarding the 'Content-
Phan Thanh Bình
, …
Ervin Hegedüs
14
1/11/22
How to check the installed version of modsecurity?
Did you get the error message from your rule 200007? -> Yes I also thought to start new thread but
Matthias Apitz
,
Christian Folini
4
1/10/22
CVE-2016-1182, CVE-2016-1181, CVE-2015-0899, CVE-2014-0114
Hey Matthias, We share the same problem very often. Sometimes they come with the advisory as an
Christian Folini
12/22/21
Talking about CRS, Modsecurity and the new Coraza WAF
Dear all, CRS has published a blog post about ModSecurity. In this article we lay down our position
Max Mustermann
, …
Ervin Hegedüs
3
12/19/21
cronupdate OWAS Core Rule Set (CRS)
Hi Mike, On Sun, Dec 19, 2021 at 07:52:48AM -0800, 'Max Mustermann' via ModSecurity Core Rule
Elia Pinto
, …
Christian Folini
3
12/18/21
CVE-2021-40438
Hey Elia, Adding to this, let me suggest the following: If a certain attack is only detected at a
Steve Hanselman
,
Ervin Hegedüs
3
12/15/21
How do people handle false positives on (e.g.) bootstrap css files?
Perfect, many thanks for the guidance, I'll pop that in. Specifically it's part of the
Kirk Jackson
,
Manuel Spartan
2
11/3/21
SecAuditLog in a containerised kubernetes environment
Hi Kirk, there are several options the Kubernetes documentation has a section about logging
Florian Ockhuysen
, …
Christian Folini
11
8/30/21
How to make Anomaly scores to be shown in Nginx error log?
Thank you very much. Christian On Sat, Aug 28, 2021 at 03:06:44PM -0700, Florian Ockhuysen wrote:
Shakil Ahamed
,
Christian Folini
5
8/9/21
I cannot find modsecurity in my /usr/local/ directory
I have solved the issue by reinstalling ModSecurity 3 Regards On Monday, August 9, 2021 at 2:48:30 PM
Kamrul Hasan
,
Christian Folini
2
7/28/21
Which rules to enable from the available 15138 ModSecurity Commercial rules for a Banking App
Hey Kamrul, On Mon, Jul 26, 2021 at 09:31:58PM -0700, Kamrul Hasan wrote: > We have purchased a
Christian Folini
6/28/21
Upcoming OWASP ModSecurity Core Rule Set Security Releases
Dear all, A security problem with the OWASP ModSecurity Core Rule Set has been brought to our