Skip to main content

OWASP CRS

Generic pack of static OWASP rules for ModSecurity

Installing

Downloading the rule set cd /var/tmp wget https://github.com/coreruleset/coreruleset/arch...

Configuration

Looking at the config. You should have no questions left if the config file is read properly :)...

Debugging

Finally, the fun part. One eye is on terminal tail -f /var/log/apache2/modsec_audit.log | gr...

Bonus Rules

Disabling server signatures nano -w /etc/apache2/mods-enabled/security2.conf # Manipulating...
Back to top