Mod Security Core Rule Set: Difference between revisions
(Created page with "> Can you advise on guidelines for avoiding WAF mod_security issues? Right > now there are OSEmail pains-in-ass in that I have to verify often whether a > save error results w...") |
No edit summary |
||
| Line 8: | Line 8: | ||
it and whitelist the false-positive in mod_security. | it and whitelist the false-positive in mod_security. | ||
https://wiki.opensourceecology.org/wiki/Web_server_configuration#mod_security | https://wiki.opensourceecology.org/wiki/Web_server_configuration#mod_security | ||
| Line 16: | Line 15: | ||
well with the specific web application (wordpress, mediawiki, phplist, etc). | well with the specific web application (wordpress, mediawiki, phplist, etc). | ||
https://github.com/SpiderLabs/owasp-modsecurity-crs/ | |||
https://www.netnea.com/cms/apache-tutorial-8_handling-false-positives-modsecurity-core-rule-set/ | https://www.netnea.com/cms/apache-tutorial-8_handling-false-positives-modsecurity-core-rule-set/ | ||
Revision as of 20:18, 6 December 2019
> Can you advise on guidelines for avoiding WAF mod_security issues? Right > now there are OSEmail pains-in-ass in that I have to verify often whether a > save error results when I include links and other punctuation. What are all > the forbidden characters to watch out for?
I'm sorry to hear that. Please, please let me know when you encounter issues like this! Be sure to send me the information I need to reproduce it and whitelist the false-positive in mod_security.
https://wiki.opensourceecology.org/wiki/Web_server_configuration#mod_security
There's literally hundreds of rules that we use in mod_security by default, which are published by OWASP called the CRS (Core Rule Set). They need to be tuned appropriately, disabling rules that don't play well with the specific web application (wordpress, mediawiki, phplist, etc).
https://github.com/SpiderLabs/owasp-modsecurity-crs/
https://www.netnea.com/cms/apache-tutorial-8_handling-false-positives-modsecurity-core-rule-set/