ModSecurity Core Rule Set project

1–30 of 34

Welcome to the OWASP Core Rule Set (CRS) project mailing list. Feel free to ask support and general questions about the projects or associated issues and we will do our best to support you.

- CRS Project Leads

0 selected

Andrew Howe, Christian Folini4

Apr 13

Why is SecDefaultAction defined twice by default?

On Tue, Apr 13, 2021 at 11:38:45AM +0100, Andrew Howe wrote: > Hi Christian, > > A-hah, that

unread,

Why is SecDefaultAction defined twice by default?

On Tue, Apr 13, 2021 at 11:38:45AM +0100, Andrew Howe wrote: > Hi Christian, > > A-hah, that

Apr 13

Blason R, Christian Folini5

Mar 22

Does CRS support protection from HTTP Request Smuggling attacks?

Awesome and thank you Sire :) On Mon, Mar 22, 2021 at 2:51 PM Christian Folini <christian.folini@

unread,

Does CRS support protection from HTTP Request Smuggling attacks?

Awesome and thank you Sire :) On Mon, Mar 22, 2021 at 2:51 PM Christian Folini <christian.folini@

Mar 22

Larry David, Ervin Hegedüs3

Mar 9

913100 Detecting but not Blocking

Yes of course - SecDefaultAction. I had all SecDefaultAction lines # out such as #SecDefaultAction

unread,

913100 Detecting but not Blocking

Yes of course - SecDefaultAction. I had all SecDefaultAction lines # out such as #SecDefaultAction

Mar 9

Andrew Howe, Christian Folini2

11/16/20

Memory issue with specific CRS rules (variable expansion in compiled operators)

Hey Andrew, I think you never got a response for this. Personally, I was not aware of this problem.

unread,

Memory issue with specific CRS rules (variable expansion in compiled operators)

Hey Andrew, I think you never got a response for this. Personally, I was not aware of this problem.

11/16/20

oma...@gmail.com

10/27/20

exclusion for attack-lfi

Hello, there are many occurrences of single double dot '/../' in sites I try to protect by

unread,

exclusion for attack-lfi

Hello, there are many occurrences of single double dot '/../' in sites I try to protect by

10/27/20

rsomme...@cloudflare.com, … Christian Folini3

10/15/20

Allow HTTP/3 by default in 901163/920430

On Tue, Oct 13, 2020 at 04:52:46AM -0700, 'Barry Pollard' via ModSecurity Core Rule Set

unread,

Allow HTTP/3 by default in 901163/920430

On Tue, Oct 13, 2020 at 04:52:46AM -0700, 'Barry Pollard' via ModSecurity Core Rule Set

10/15/20

Christian Folini

9/14/20

CVE-2020-15598 – ModSecurity v3 Affected By DoS (Severity HIGH)

Dear all, ModSecurity v3.0.x is affected by a Denial of Service vulnerability due to the global

unread,

CVE-2020-15598 – ModSecurity v3 Affected By DoS (Severity HIGH)

Dear all, ModSecurity v3.0.x is affected by a Denial of Service vulnerability due to the global

9/14/20

Mike Melo, Ervin Hegedüs7

8/13/20

tried ftwrunner, most tests failing

ok thanks for that, will check out the skipped test details... On Thursday, August 13, 2020 at 5:14:

unread,

tried ftwrunner, most tests failing

ok thanks for that, will check out the skipped test details... On Thursday, August 13, 2020 at 5:14:

8/13/20

Mike Melo, … Christian Folini4

8/11/20

CRS regression tests

On Tue, Aug 11, 2020 at 02:22:06PM -0700, Mike Melo wrote: > Thank you!!!! > > this

unread,

CRS regression tests

On Tue, Aug 11, 2020 at 02:22:06PM -0700, Mike Melo wrote: > Thank you!!!! > > this

8/11/20

johan fillon, Ruben van Vreeland3

7/29/20

How to log in Anomaly Scoring mode + change the default http status 403 ??

Hello Ruben, thanks for your answer. Having a nolog in my configuration on the lines SecAction "

unread,

How to log in Anomaly Scoring mode + change the default http status 403 ??

Hello Ruben, thanks for your answer. Having a nolog in my configuration on the lines SecAction "

7/29/20

7/1/20

Core Rule Set v3.3.0 available

The OWASP ModSecurity Core Rule Set team is proud to announce the final release for CRS v3.3.0. For

unread,

Core Rule Set v3.3.0 available

The OWASP ModSecurity Core Rule Set team is proud to announce the final release for CRS v3.3.0. For

7/1/20

Alex Hautequest, Christian Folini2

6/30/20

CRS for limiting path names length/count

Hey Alex, There is no prepared rule for this. So you may want to write one yourself. SecRule

unread,

CRS for limiting path names length/count

Hey Alex, There is no prepared rule for this. So you may want to write one yourself. SecRule

6/30/20

6/18/20

OWASP ModSecurity Core Rule Set v3.3.0 Release Candidate 2 available

The OWASP ModSecurity Core Rule Set team is proud to announce the release candidate 2 for the

unread,

OWASP ModSecurity Core Rule Set v3.3.0 Release Candidate 2 available

The OWASP ModSecurity Core Rule Set team is proud to announce the release candidate 2 for the

6/18/20

6/10/20

Re: [mod-security-users] CentOS 8 Build moving modules to new server

hi Joe, On Wed, Jun 10, 2020 at 03:15:46PM +0000, Madden, Joe via mod-security-users wrote: > Hi

unread,

Re: [mod-security-users] CentOS 8 Build moving modules to new server

hi Joe, On Wed, Jun 10, 2020 at 03:15:46PM +0000, Madden, Joe via mod-security-users wrote: > Hi

6/10/20

5/27/20

SecGeoLookupDB & file format

Greetings, I would like to use the GeoIP feature of CRS to block by country-IP, however the crs-setup

unread,

SecGeoLookupDB & file format

Greetings, I would like to use the GeoIP feature of CRS to block by country-IP, however the crs-setup

5/27/20

5/27/20

OWASP ModSecurity Core Rule Set v3.3.0 Release Candidate 1 available

The OWASP ModSecurity Core Rule Set team is proud to announce the release candidate 1 for the

unread,

OWASP ModSecurity Core Rule Set v3.3.0 Release Candidate 1 available

The OWASP ModSecurity Core Rule Set team is proud to announce the release candidate 1 for the

5/27/20

john smith, … Christian Folini7

5/23/20

Looking for a way to measure response time

Hi, Sorry to pop this back up but i couldn't find a way nor did i get a response on my last

unread,

Looking for a way to measure response time

Hi, Sorry to pop this back up but i couldn't find a way nor did i get a response on my last

5/23/20

Christian Folini

5/13/20

Core Rule Set github repository moved to new location

Dear all, The OWASP ModSecurity Core Rule Set project has moved house. The project repository is no

unread,

Core Rule Set github repository moved to new location

Dear all, The OWASP ModSecurity Core Rule Set project has moved house. The project repository is no

5/13/20

Mike Melo, Christian Folini3

4/17/20

add a response header in MS3 to transfer timing information

thanks Christian, will keep you posted. On Friday, April 17, 2020 at 6:49:07 AM UTC-4, Christian

unread,

add a response header in MS3 to transfer timing information

thanks Christian, will keep you posted. On Friday, April 17, 2020 at 6:49:07 AM UTC-4, Christian

4/17/20

Stephan Fourie, Christian Folini2

4/13/20

Exclusion Rules for dynamic ARGS

Hello Stephan, You are in a bad situation, but you are not the first one stuck with this lack of

unread,

Exclusion Rules for dynamic ARGS

Hello Stephan, You are in a bad situation, but you are not the first one stuck with this lack of

4/13/20

john smith, Christian Folini3

3/11/20

CRS Rules and Apache responses

On Tue, Mar 10, 2020 at 04:55:15PM -0700, john smith wrote: > Well since i got not replies i

unread,

CRS Rules and Apache responses

On Tue, Mar 10, 2020 at 04:55:15PM -0700, john smith wrote: > Well since i got not replies i

3/11/20

Paul Beckett, Christian Folini2

11/28/19

Best CRS branch for production

Hello Paul, CRS 3.2.0 is the latest stable release. https://modsecurity.org/crs is not under the

unread,

Best CRS branch for production

Hello Paul, CRS 3.2.0 is the latest stable release. https://modsecurity.org/crs is not under the

11/28/19

Christian Folini, Paul Beckett2

11/28/19

Infos for the participants of the CRS Community Summit, September 25, Amsterdam

Were slides or recording from the CRS Community Sumit posted anywhere? Thanks, Paul

unread,

Infos for the participants of the CRS Community Summit, September 25, Amsterdam

Were slides or recording from the CRS Community Sumit posted anywhere? Thanks, Paul

11/28/19

Stephan Fourie, Christian Folini3

10/28/19

Prestashop Exclusion Rules

Hi Christian, Thanks for the reply! Yes, paranoia level 1. I'll report the false positive hits

unread,

Prestashop Exclusion Rules

Hi Christian, Thanks for the reply! Yes, paranoia level 1. I'll report the false positive hits

10/28/19

9/26/19

Announcement: msc_pyparser

Hi all, (sorry for the cross posting) let me announce the msc_pyparser tool, a ModSecurity ruleset

unread,

Announcement: msc_pyparser

Hi all, (sorry for the cross posting) let me announce the msc_pyparser tool, a ModSecurity ruleset

9/26/19

9/24/19

Announcement: OWASP ModSecurity Core Rule Set Version 3.2.0

Dear all, The OWASP ModSecurity Core Rule Set team is proud to announce the general availability of

unread,

Announcement: OWASP ModSecurity Core Rule Set Version 3.2.0

Dear all, The OWASP ModSecurity Core Rule Set team is proud to announce the general availability of

9/24/19

9/19/19

OWASP ModSecurity Core Rule Set v3.2.0-RC3

Dear all, The OWASP ModSecurity Core Rule Set team is proud to announce the general availability of

unread,

OWASP ModSecurity Core Rule Set v3.2.0-RC3

Dear all, The OWASP ModSecurity Core Rule Set team is proud to announce the general availability of

9/19/19

9/3/19

OWASP ModSecurity Core Rule Set v3.2.0-RC2

Dear all, The OWASP ModSecurity Core Rule Set team is proud to announce the general availability of

unread,

OWASP ModSecurity Core Rule Set v3.2.0-RC2

Dear all, The OWASP ModSecurity Core Rule Set team is proud to announce the general availability of

9/3/19

Christian Folini

6/27/19

OWASP ModSecurity Core Rule Set 3.1.1 released

The OWASP ModSecurity Core Rule Set team is pleased to announce the CRS release v3.1.1. This is a

unread,

OWASP ModSecurity Core Rule Set 3.1.1 released

The OWASP ModSecurity Core Rule Set team is pleased to announce the CRS release v3.1.1. This is a

6/27/19

Stephan Fourie, Christian Folini2

5/22/19

Access blocked using anomaly scoring with a high threshold

Hi Stefan, Are you sure, it is CRS blocking this? The single alert you posted below bring you to a

unread,

Access blocked using anomaly scoring with a high threshold

Hi Stefan, Are you sure, it is CRS blocking this? The single alert you posted below bring you to a

5/22/19

Search

Clear search

Close search

Google apps

Main menu