This site is the archived OWASP Foundation Wiki and is no longer accepting Account Requests.
To view the new OWASP Foundation website, please visit https://owasp.org

OWASP ModSec CRS Paranoia Mode

From OWASP
Revision as of 04:40, 7 January 2016 by Dune73 (talk | contribs)

Jump to: navigation, search

Abstract

This is a page about the development of a paranoia mode aka bringing back the rules that used to yield a high number of false positives. This little project is aimed at inclusion into the 3.0.0 release of the OWASP ModSecurity Core Rules, where some rules have been removed in order to reduce the number of false positives with vanilla installations.

FIXME

Sub-Project Infos

  • Status: active (January 2016)
  • Schedule: Pull request in January 2016
  • Who: Christian Folini (dune73), FIXME
  • Documentation: Here on the OWASP Wiki
  • Discussion / Archive: Core Rules Mailinglist FIXME
  • Github Link: FIXME
  • Final Pull Request: FIXME

Tasks

Open Tasks

Task         Who           Status   
Assemble list of 2.2.x rules, which have disappeared from 3.0.0-rc1 n.n. open
Assemble list of disappeared rules, which should be brought back n.n. open
Assemble list of 3.0.0-rc1 rules, which could be moved to the paranoia mode n.n. open
Assemble list of 3.0.0-rc1 rules, which could be accompanied with
stricter siblings in paranoia mode
(same idea of the rule, but harder limit etc.)
n.n. open
Write new stricter siblings for existing rules n.n. open
Sort out mechanics of the paranoia mode n.n. open
Define exact syntax of paranoia mode setup n.n. open
Sort out name: Is "Paranoia Mode" really the right term? Christian open
Write pull request n.n. open
Submit pull request n.n. open
Draw flowchart n.n. open
Write documentation n.n. open


Closed Tasks

Task         Who           Status   
none so far