The OWASP ModSecurity Core Rule Set project will meet on Wednesday July 4, at 4pm in London to hold it’s first community summit. We scheduled this for the night before the AppSecEU conference in London on Thursday and Friday so people would have a real incentive to make the trip. Truth be told, the three …
Save the Date: CRS Community Summit on July 4, 2018 Read More »
This is the CRS newsletter covering the period from Early February until today. We held our monthly community chat. We had quite a few people stop by. csanders lifeforms franbuehler emphazer dune73 agi squared fzipi_ spartantri Our agenda from before the chat is available here. During the chat we discussed the following: We added support …
So many technologies in one title! Recently I’ve been spending quite a bit of time investigating ModSecurity as a potential replacement Web Application Firewall, and I’ve had some really positive results. The purpose of this post is to share with you how I’ve set this up, so you can do something similar yourself. After all, who wouldn’t …
Creating an OpenWAF solution with Nginx, ElasticSearch and ModSecurity [x-post] Read More »
To help our customers secure their sites and applications — while continuing to give their users reliable online experiences — we’ve built a performant, highly configurable, and comprehensive Web Application Firewall (WAF). In our last post, we shared some of the tech behind our WAF, including how we chose our ruleset and leverage our findings. In …
Site administrators put in a web application firewall (WAF) to block malicious or dangerous web traffic, but at the risk of blocking some valid traffic as well. A false positive is an instance of your WAF blocking a valid request. False positives are the natural enemy of every WAF installation. Each false positive means two …
How to tune your WAF installation to reduce false positives [x-post] Read More »
This is the CRS newsletter covering the period from Early January until today. We held our monthly community chat. We had quite a few people stop by. csanders airween franbuehler lifeforms spartantri dune73 allanbo Our agenda from before the chat is available here. During the chat we discussed the following: Issue #989 status: Currently waiting …
This is the CRS newsletter covering the period from Early December until today (Now in 2018, Happy New Year!!). We held our monthly community chat. We had quite a few people stop by. Special thanks to lifeforms for leading the chat. csanders fzipi spartantri dune73 emphazer fgs franbuehler Our agenda from before the chat is …
Let me put one thing straight: there are two things when we talk about ModSecurity. There is the naked ModSecurity engine running inside NGINX or Apache and there is the rule set that instructs the engine what to do. Many different rule sets exist. But the rule set with the largest user base (and longest name) …
Core Rule Set: The evolution of an OWASP Project [x-post] Read More »
Back in August and September, Chaim Sanders introduced FTW, a Framework to Test WAFs via two blost posts. Existing unit testing frameworks are not really suitable for this purpose as they do not grant you enough control over the requests and the ability to look at the WAF log that needs to be bolted on. …
Practical FTW: Testing the Core Rule Set or Any Other WAF Read More »
This is the CRS newsletter covering the period from Early November until today. We held our monthly community chat. We had quite a few people stop by. Special thanks to lifeforms for leading the chat. lifeforms emphazer franbuehler spartantri fzipi hamlet_ Our agenda from before the chat is available here. We had a short chat, …