Skip to main content

WAF

Web Application Firewall based on Apache/ModSecurity/OWASP CRS stack

Introduction

First of all let me answer to one of the obvious questions - why OpenSource? - Simple enough, we ...

ModSecurity

Cross-platform WAF module

Setup

Installing the package apt install libapache2-mod-security2 Turning on module a2enmod security...

OWASP CRS

Generic static rules library for ModSecurity

Setup

Uploading the rules cd /var/tmp wget https://github.com/coreruleset/coreruleset/archive/refs/...

Configuration

Let's have a look at the config. Although if you read it carefully, you will have no questions le...

Debugging

Going to use the following expression to filter out the logs while checking on the app behavior ...
Back to top