ModSecurity Core Rule Set project
Welcome to the OWASP Core Rule Set (CRS) project mailing list. Feel free to ask support and general questions about the projects or associated issues and we will do our best to support you.
- CRS Project Leads
Walter Hop
Apr 28
Core Rule Set v4.0.0 Release Candidate 1 available
The OWASP ModSecurity Core Rule Set team is proud to announce the Release Candidate 1 for the
成会明, Ervin Hegedüs
3
Feb 22
coreruleset test not works as expected.
Hi, can you show your "modsec3-nginx" file content? Regards, a. On Tue, Feb 22, 2022 at 8:
Phan Thanh Bình, Andrew Howe
4
Jan 14
Quote in file name violates SecRule FILES_NAMES|FILES
Hi, > I remember I already tried with latest, still same as there is no diff actually. To be clear
Phan Thanh Bình, Ervin Hegedüs
13
Jan 12
Why MULTIPART_STRICT_ERROR does not include REQBODY_PROCESSOR_ERROR as specification?
Hi, On Wed, Jan 12, 2022 at 03:41:41AM -0800, Phan Thanh Bình wrote: > Regarding the 'Content-
Phan Thanh Bình, …, Ervin Hegedüs
14
Jan 11
How to check the installed version of modsecurity?
Did you get the error message from your rule 200007? -> Yes I also thought to start new thread but
Matthias Apitz, Christian Folini
4
Jan 10
CVE-2016-1182, CVE-2016-1181, CVE-2015-0899, CVE-2014-0114
Hey Matthias, We share the same problem very often. Sometimes they come with the advisory as an
Christian Folini
12/22/21
Talking about CRS, Modsecurity and the new Coraza WAF
Dear all, CRS has published a blog post about ModSecurity. In this article we lay down our position
Max Mustermann, …, Ervin Hegedüs
3
12/19/21
cronupdate OWAS Core Rule Set (CRS)
Hi Mike, On Sun, Dec 19, 2021 at 07:52:48AM -0800, 'Max Mustermann' via ModSecurity Core Rule
Elia Pinto, …, Christian Folini
3
12/18/21
CVE-2021-40438
Hey Elia, Adding to this, let me suggest the following: If a certain attack is only detected at a
Steve Hanselman, Ervin Hegedüs
3
12/15/21
How do people handle false positives on (e.g.) bootstrap css files?
Perfect, many thanks for the guidance, I'll pop that in. Specifically it's part of the
Kirk Jackson, Manuel Spartan
2
11/3/21
SecAuditLog in a containerised kubernetes environment
Hi Kirk, there are several options the Kubernetes documentation has a section about logging
Florian Ockhuysen, …, Christian Folini
11
8/30/21
How to make Anomaly scores to be shown in Nginx error log?
Thank you very much. Christian On Sat, Aug 28, 2021 at 03:06:44PM -0700, Florian Ockhuysen wrote:
Shakil Ahamed, Christian Folini
5
8/9/21
I cannot find modsecurity in my /usr/local/ directory
I have solved the issue by reinstalling ModSecurity 3 Regards On Monday, August 9, 2021 at 2:48:30 PM
Kamrul Hasan, Christian Folini
2
7/28/21
Which rules to enable from the available 15138 ModSecurity Commercial rules for a Banking App
Hey Kamrul, On Mon, Jul 26, 2021 at 09:31:58PM -0700, Kamrul Hasan wrote: > We have purchased a
Christian Folini
6/28/21
Upcoming OWASP ModSecurity Core Rule Set Security Releases
Dear all, A security problem with the OWASP ModSecurity Core Rule Set has been brought to our
Andrew Howe, Christian Folini
4
4/13/21
Why is SecDefaultAction defined twice by default?
On Tue, Apr 13, 2021 at 11:38:45AM +0100, Andrew Howe wrote: > Hi Christian, > > A-hah, that
Blason R, Christian Folini
5
3/22/21
Does CRS support protection from HTTP Request Smuggling attacks?
Awesome and thank you Sire :) On Mon, Mar 22, 2021 at 2:51 PM Christian Folini <christian.folini@
Larry David, Ervin Hegedüs
3
3/9/21
913100 Detecting but not Blocking
Yes of course - SecDefaultAction. I had all SecDefaultAction lines # out such as #SecDefaultAction
Andrew Howe, Christian Folini
2
11/16/20
Memory issue with specific CRS rules (variable expansion in compiled operators)
Hey Andrew, I think you never got a response for this. Personally, I was not aware of this problem.
oma...@gmail.com
10/27/20
exclusion for attack-lfi
Hello, there are many occurrences of single double dot '/../' in sites I try to protect by
rsomme...@cloudflare.com, …, Christian Folini
3
10/15/20
Allow HTTP/3 by default in 901163/920430
On Tue, Oct 13, 2020 at 04:52:46AM -0700, 'Barry Pollard' via ModSecurity Core Rule Set
Christian Folini
9/14/20
CVE-2020-15598 – ModSecurity v3 Affected By DoS (Severity HIGH)
Dear all, ModSecurity v3.0.x is affected by a Denial of Service vulnerability due to the global
Mike Melo, Ervin Hegedüs
7
8/13/20
tried ftwrunner, most tests failing
ok thanks for that, will check out the skipped test details... On Thursday, August 13, 2020 at 5:14:
Mike Melo, …, Christian Folini
4
8/11/20
CRS regression tests
On Tue, Aug 11, 2020 at 02:22:06PM -0700, Mike Melo wrote: > Thank you!!!! > > this
johan fillon, Ruben van Vreeland
3
7/29/20
How to log in Anomaly Scoring mode + change the default http status 403 ??
Hello Ruben, thanks for your answer. Having a nolog in my configuration on the lines SecAction "
Walter Hop
7/1/20
Core Rule Set v3.3.0 available
The OWASP ModSecurity Core Rule Set team is proud to announce the final release for CRS v3.3.0. For
Alex Hautequest, Christian Folini
2
6/30/20
CRS for limiting path names length/count
Hey Alex, There is no prepared rule for this. So you may want to write one yourself. SecRule
Walter Hop
6/18/20
OWASP ModSecurity Core Rule Set v3.3.0 Release Candidate 2 available
The OWASP ModSecurity Core Rule Set team is proud to announce the release candidate 2 for the
Ervin Hegedüs
6/10/20
Re: [mod-security-users] CentOS 8 Build moving modules to new server
hi Joe, On Wed, Jun 10, 2020 at 03:15:46PM +0000, Madden, Joe via mod-security-users wrote: > Hi
Henry
5/27/20
SecGeoLookupDB & file format
Greetings, I would like to use the GeoIP feature of CRS to block by country-IP, however the crs-setup