This site is the archived OWASP Foundation Wiki and is no longer accepting Account Requests.
To view the new OWASP Foundation website, please visit https://owasp.org

Category:OWASP ModSecurity Core Rule Set Project

From OWASP
Revision as of 13:53, 4 July 2018 by Chaim sanders (talk | contribs)

Jump to: navigation, search

Main

Flagship big.jpg

OWASP ModSecurity Core Rule Set (CRS)

The 1st Line of Defense Against Web Application Attacks

The OWASP ModSecurity Core Rule Set (CRS) is a set of generic attack detection rules for use with ModSecurity or compatible web application firewalls. The CRS aims to protect web applications from a wide range of attacks, including the OWASP Top Ten, with a minimum of false alerts. The CRS provides protection against many common attack categories, including SQL Injection, Cross Site Scripting, Locale File Inclusion, etc.

CRS-logo-full size-512x257.png

The offical website of the project can be found at https://coreruleset.org.


CRS3-movie-poster-thumb.jpeg

Getting Started / Tutorials

The following tutorials will get you started with ModSecurity and the CRS v3.

These tutorials are part of a big series of Apache / ModSecurity guides published by netnea. They are written by Christian Folini.

More Information about the rule set at the official website at https://coreruleset.org and a full list of all the rules in the Core Rule Set at https://netnea.com/crs.

Licensing

OWASP ModSecurity CRS is free to use. It is licensed under the Apache Software License version 2 (ASLv2), so you can copy, distribute and transmit the work, and you can adapt it, and use it commercially, but all provided that you attribute the work and if you alter, transform, or build upon this work, you may distribute the resulting work only under the same or similar license to this one.

Project Sponsors

Trustwave Avi Networks
SpiderLabs Logo 2011.JPG Avi Networks.jpg

Website

Project Members

Project Leaders:

Contributors:

  • Christoph Hansen
  • Felipe 'Zimmerle' Costa
  • Franziska Bühler
  • Victor Hora
  • Federico Schwindt
  • Felipe Zipitría
  • Manuel Spartan

Quick Download

Source Code Repo

News and Events


Mailing List

Classifications

Owasp-flagship-trans-85.png Owasp-defenders-small.png
License: ASLv2
Project Type Files CODE.jpg

<paypal>ModSecurity Core Rule Set Project</paypal>