Mod Security Core Rule Set

From Open Source Ecology
Jump to: navigation, search

Issue

> Can you advise on guidelines for avoiding WAF mod_security issues? Right > now there are OSEmail pains-in-ass in that I have to verify often whether a > save error results when I include links and other punctuation. What are all > the forbidden characters to watch out for?

Solution

I'm sorry to hear that. Please, please let me know when you encounter issues like this! Be sure to send me the information I need to reproduce it and whitelist the false-positive in mod_security.

https://wiki.opensourceecology.org/wiki/Web_server_configuration#mod_security

There's literally hundreds of rules that we use in mod_security by default, which are published by OWASP called the CRS (Core Rule Set). They need to be tuned appropriately, disabling rules that don't play well with the specific web application (wordpress, mediawiki, phplist, etc).

https://github.com/SpiderLabs/owasp-modsecurity-crs/

https://www.netnea.com/cms/apache-tutorial-8_handling-false-positives-modsecurity-core-rule-set/