Mod Security Core Rule Set: Difference between revisions

From Open Source Ecology
Jump to navigation Jump to search
(Created page with "> Can you advise on guidelines for avoiding WAF mod_security issues? Right > now there are OSEmail pains-in-ass in that I have to verify often whether a > save error results w...")
 
No edit summary
 
(One intermediate revision by the same user not shown)
Line 1: Line 1:
=Issue=
> Can you advise on guidelines for avoiding WAF mod_security issues? Right
> Can you advise on guidelines for avoiding WAF mod_security issues? Right
> now there are OSEmail pains-in-ass in that I have to verify often whether a
> now there are OSEmail pains-in-ass in that I have to verify often whether a
Line 4: Line 5:
> the forbidden characters to watch out for?
> the forbidden characters to watch out for?


=Solution=
I'm sorry to hear that. Please, please let me know when you encounter
I'm sorry to hear that. Please, please let me know when you encounter
issues like this! Be sure to send me the information I need to reproduce
issues like this! Be sure to send me the information I need to reproduce
it and whitelist the false-positive in mod_security.
it and whitelist the false-positive in mod_security.


*
https://wiki.opensourceecology.org/wiki/Web_server_configuration#mod_security
https://wiki.opensourceecology.org/wiki/Web_server_configuration#mod_security


Line 16: Line 17:
well with the specific web application (wordpress, mediawiki, phplist, etc).
well with the specific web application (wordpress, mediawiki, phplist, etc).


* https://github.com/SpiderLabs/owasp-modsecurity-crs/
https://github.com/SpiderLabs/owasp-modsecurity-crs/
*
 
https://www.netnea.com/cms/apache-tutorial-8_handling-false-positives-modsecurity-core-rule-set/
https://www.netnea.com/cms/apache-tutorial-8_handling-false-positives-modsecurity-core-rule-set/

Latest revision as of 20:18, 6 December 2019

Issue

> Can you advise on guidelines for avoiding WAF mod_security issues? Right > now there are OSEmail pains-in-ass in that I have to verify often whether a > save error results when I include links and other punctuation. What are all > the forbidden characters to watch out for?

Solution

I'm sorry to hear that. Please, please let me know when you encounter issues like this! Be sure to send me the information I need to reproduce it and whitelist the false-positive in mod_security.

https://wiki.opensourceecology.org/wiki/Web_server_configuration#mod_security

There's literally hundreds of rules that we use in mod_security by default, which are published by OWASP called the CRS (Core Rule Set). They need to be tuned appropriately, disabling rules that don't play well with the specific web application (wordpress, mediawiki, phplist, etc).

https://github.com/SpiderLabs/owasp-modsecurity-crs/

https://www.netnea.com/cms/apache-tutorial-8_handling-false-positives-modsecurity-core-rule-set/

Retrieved from "https://wiki.opensourceecology.org/index.php?title=Mod_Security_Core_Rule_Set&oldid=204842"