/ Register

Welcome to Centmin Mod Community
Become a Member

Beta Branch update ModSecurity OWASP 3.3.0 ruleset

Discussion in 'Centmin Mod Github Commits' started by eva2000, Aug 7, 2020.

Previous Thread Next Thread
Loading...
  1. Aug 7, 2020 #1
    eva2000

    eva2000 Administrator Staff Member

    58,905
    12,490
    113
    May 24, 2014
    Brisbane, Australia
    Ratings:
    +19,122
    Local Time:
    4:03 AM
    Nginx 1.31.x
    MariaDB 10.x/11.4+/12.3+
    update ModSecurity OWASP 3.3.0 ruleset

    - Update OWASP ModSecurity 3.3.0 ruleset version https://coreruleset.org/20200701/owasp-modsecurity-core-rule-set-v3-3-0-available/ and also update github repo location from https://github.com/SpiderLabs/owasp-modsecurity-crs/releases to https://github.com/coreruleset/coreruleset/releases
    - Change log at https://github.com/coreruleset/coreruleset/blob/v3.3.0/CHANGES
    - No testing on Centmin Mod has been done with 3.3.0 as yet so provided as is

    Continue reading...

    123.09beta01 branch

     
  2. Aug 7, 2020 #2
    hazehs

    hazehs Member

    34
    1
    8
    Jul 18, 2020
    Ratings:
    +6
    Local Time:
    6:03 PM
    NGINX 1.18
    MariaDB 10.4
    Little Question - is it worth to use modsecurity ? especially on forums, wordpress,... ?
     
  3. Aug 7, 2020 #3
    eva2000

    eva2000 Administrator Staff Member

    58,905
    12,490
    113
    May 24, 2014
    Brisbane, Australia
    Ratings:
    +19,122
    Local Time:
    4:03 AM
    Nginx 1.31.x
    MariaDB 10.x/11.4+/12.3+
    If you have Cloudflare Pro or higher paid plans, Cloudflare WAF and it's rules would be equivalent. But modsecurity should only be used if you know how to use/configure it otherwise it can cause trouble for your web apps.
     
Previous Thread Next Thread
Loading...

.