Prestashop Exclusion Rules

42 views
Skip to first unread message

Stephan Fourie

unread,
Oct 28, 2019, 5:26:20 AM10/28/19
to ModSecurity Core Rule Set project
Hi everyone,

I'm currently in the process of deploying ModSecurity (latest version of CRS) within a shared hosting environment and running into false positives affecting Prestashop. While researching, it seems that Prestashop has a history with triggering ModSecurity rules and I see many suggestions on various forums to disable ModSecurity for domains running Prestashop. I would rather not disable ModSecurity for these domains, or disable certain rule IDs either completely or based on a non-specific URI and ARGS. 

I'm wondering if there are any of you out there who have written standard exclusion rules for Prestashop and don't mind sharing.

Thanks!
Stephan

Christian Folini

unread,
Oct 28, 2019, 5:39:02 AM10/28/19
to Stephan Fourie, ModSecurity Core Rule Set project
Hey Stephan,

Sorry for the inconvenience. Things like this are always really annoying.

Are we talking about paranoia level 1?

If yes, then please report the issue as they might be more general in
nature.

Other than that, we would certainly be open to include a prestashop
rule exclusion package with future versions of CRS. We usually aim them
to cover paranoia level 2.

Good luck with finding fellow prestashop modsec users.

Christian
> --
> You received this message because you are subscribed to the Google Groups "ModSecurity Core Rule Set project" group.
> To unsubscribe from this group and stop receiving emails from it, send an email to modsecurity-core-rule-...@owasp.org.
> To view this discussion on the web visit https://groups.google.com/a/owasp.org/d/msgid/modsecurity-core-rule-set-project/5cb7e130-d87c-4019-bc62-cc300f4ba295%40owasp.org.

Stephan Fourie

unread,
Oct 28, 2019, 8:35:08 AM10/28/19
to ModSecurity Core Rule Set project, stephan...@gmail.com, christia...@netnea.com

Hi Christian,

Thanks for the reply! Yes, paranoia level 1. I'll report the false positive hits when I have a moment.

Thanks!
> To unsubscribe from this group and stop receiving emails from it, send an email to modsecurity-core-rule-set-project+u...@owasp.org.
Reply all
Reply to author
Forward
0 new messages