Want to subscribe to topics you're interested in?
Become a Member

Beta Branch update ModSecurity OWASP 3.3.0 ruleset

Discussion in 'Centmin Mod Github Commits' started by eva2000, Aug 7, 2020.

  1. eva2000

    eva2000 Administrator Staff Member

    45,681
    10,372
    113
    May 24, 2014
    Brisbane, Australia
    Ratings:
    +16,095
    Local Time:
    2:35 PM
    Nginx 1.19.x
    MariaDB 5.5/10.x
    update ModSecurity OWASP 3.3.0 ruleset

    - Update OWASP ModSecurity 3.3.0 ruleset version https://coreruleset.org/20200701/owasp-modsecurity-core-rule-set-v3-3-0-available/ and also update github repo location from https://github.com/SpiderLabs/owasp-modsecurity-crs/releases to https://github.com/coreruleset/coreruleset/releases
    - Change log at https://github.com/coreruleset/coreruleset/blob/v3.3.0/CHANGES
    - No testing on Centmin Mod has been done with 3.3.0 as yet so provided as is

    Continue reading...

    123.09beta01 branch
     
  2. hazehs

    hazehs New Member

    25
    1
    3
    Jul 18, 2020
    Ratings:
    +5
    Local Time:
    4:35 AM
    NGINX 1.18
    MariaDB 10.4
    Little Question - is it worth to use modsecurity ? especially on forums, wordpress,... ?
     
  3. eva2000

    eva2000 Administrator Staff Member

    45,681
    10,372
    113
    May 24, 2014
    Brisbane, Australia
    Ratings:
    +16,095
    Local Time:
    2:35 PM
    Nginx 1.19.x
    MariaDB 5.5/10.x
    If you have Cloudflare Pro or higher paid plans, Cloudflare WAF and it's rules would be equivalent. But modsecurity should only be used if you know how to use/configure it otherwise it can cause trouble for your web apps.