Recipe 1-3: Installing the OWASP ModSecurity Core Rule Set (CRS)
This recipe shows you how to install and quickly configure the web application attack detection rules from the OWASP ModSecurity CRS. When this book was written, the CRS version was 2.2.5. Note that the rule logic described in this recipe may change in future versions of the CRS.
Ingredients
- OWASP ModSecurity CRS version 2.2.54
- modsecurity_crs_10_setup.conf
- modsecurity_crs_20_protocol_violations.conf
- modsecurity_crs_21_protocol_anomalies.conf
- modsecurity_crs_23_request_limits.conf
- modsecurity_crs_30_http_policy.conf
- modsecurity_crs_35_bad_robots.conf
- modsecurity_crs_40_generic_attacks.conf
- modsecurity_crs_41_sql_injection_attacks.conf
- modsecurity_crs_41_xss_attacks.conf
- modsecurity_crs_45_trojans.conf
- modsecurity_crs_47_common_exceptions.conf
- modsecurity_crs_49_inbound_blocking.conf
- modsecurity_crs_50_outbound.conf
- modsecurity_crs_59_outbound_blocking.conf
- modsecurity_crs_60_correlation.conf
OWASP ModSecurity CRS Overview
ModSecurity, on its own, has no built-in protections. To become useful, it must be configured with rules. End users certainly can create rules for their own use. However, most users have neither the time nor the expertise to properly develop rules to protect themselves from emerging web application attack techniques. To help solve this problem, the Trustwave SpiderLabs Research Team developed the OWASP ModSecurity CRS. Unlike intrusion detection and prevention systems, which rely on signatures ...
Get Web Application Defender's Cookbook now with the O’Reilly learning platform.
O’Reilly members experience books, live events, courses curated by job role, and more from O’Reilly and nearly 200 top publishers.
