Blogs

CRS Community Summit next week: Call for Posters and the Program is Ready

The very first meetup of the CRS community is only one week away now and it’s time to announce our program. As stated here on the blog before, this is meant as an opportunity to build ties, to get inspiration from the community and to understand what people are doing with CRS. So there are going to be talks, but there is a lot of room for talking and discussion.

The Core Rule Set as Part of DevOps (CI pipeline)

A Web Application Firewall (WAF) raises concerns that it does not fit into the DevOps methodology. The problem is that when a WAF is added to production, the impact on the application is tested too late. The application developer gets extremely late feedback and the WAF could break the application. This can lead to production issues. But what if a WAF is involved in the DevOps process very early on and not just at the end, at production?

Registration Open for the CRS Community Summit on July 4

The organisation of the CRS community summit at the OWASP AppSecEU conference is coming along nicely. Remember, we are going to meet in London on Wednesday, July 4 at 4pm, to talk about CRS, and about the way our users, our integrators and their users work with CRS. The program will include information about CRS 3.1, a recent proposal for a rule meta language above CRS (to give the rule set a wider audience) and the most important thing: Time to meet and talk to fellow users!

Save the Date: CRS Community Summit on July 4, 2018

The OWASP ModSecurity Core Rule Set project will meet on Wednesday July 4, at 4pm in London to hold it’s first community summit. We scheduled this for the night before the AppSecEU conference in London on Thursday and Friday so people would have a real incentive to make the trip. {{ figure src=“images/2018/03/16367769605_dec3772aa8_k.jpg” caption=“London Tower Bridge by night (Photo by Arijit_Roy; flickr)” >}} Truth be told, the three project leads, Chaim, Walter and me have never met in person and physical contact is similarly rare between the committers, let alone the commercial suppliers or the thousands of users worldwide.

CRS Project News March 2018

This is the CRS newsletter covering the period from Early February until today. We held our monthly community chat. We had quite a few people stop by. csanders lifeforms franbuehler emphazer dune73 agi squared fzipi spartantri Our agenda from before the chat is available here. During the chat we discussed the following: We added support for ModSecurity-v3/Apache and Modsecurity-v2/Nginx to the CRS Support ModSecurity Docker Repos. These will be used when testing before a release.

Creating an OpenWAF solution with Nginx, ElasticSearch and ModSecurity [x-post]

So many technologies in one title! Recently I’ve been spending quite a bit of time investigating ModSecurity as a potential replacement Web Application Firewall, and I’ve had some really positive results. The purpose of this post is to share with you how I’ve set this up, so you can do something similar yourself. After all, who wouldn’t want to be alerted to suspicious behaviour on their site in slack:

Building the WAF test harness [x-post]

To help our customers secure their sites and applications — while continuing to give their users reliable online experiences — we’ve built a performant, highly configurable, and comprehensive Web Application Firewall (WAF). In our last post, we shared some of the tech behind our WAF, including how we chose our ruleset and leverage our findings. In order to provide a fully comprehensive solution for securing your infrastructure, it’s critical to continuously test that solution.

CRS Project News February 2018

This is the CRS newsletter covering the period from Early January until today. We held our monthly community chat. We had quite a few people stop by. csanders airween franbuehler lifeforms spartantri dune73 allanbo Our agenda from before the chat is available here. During the chat we discussed the following: Issue #989 status: Currently waiting on canders to fix Dockerfile before it can merged. The Dockerfile’s point to csanders-git’s personal repository instead of CRS repo.

CRS Project News January 2018

This is the CRS newsletter covering the period from Early December until today (Now in 2018, Happy New Year!!). We held our monthly community chat. We had quite a few people stop by. Special thanks to lifeforms for leading the chat. csanders fzipi spartantri dune73 emphazer fgs franbuehler Our agenda from before the chat is available here. We had a short chat, during the chat we discussed the following: The OWASP CRS Mailing list seemed to be broken for a bit, we confirmed that it is currently working, and who the administrators are (dune73, lifeforms, and csanders) csanders committed to making changes to FTW necessary to get azhao155’s PR’s (and #989 which deals with FTW) merged.

Core Rule Set: The evolution of an OWASP Project [x-post]

Let me put one thing straight: there are two things when we talk about ModSecurity. There is the naked ModSecurity engine running inside NGINX or Apache and there is the rule set that instructs the engine what to do. Many different rule sets exist. But the rule set with the largest user base (and longest name) is the OWASP ModSecurity Core Rule Set or CRS for short.