OWASP ModSecurity Core Rule Set

B

BillyS

Verified User
Joined
Jul 17, 2021
Messages
464

Looks like we're finally getting an updated core rule set for ModSecurity.

Let CRS 4 be your valentine! – OWASP ModSecurity Core Rule Set

coreruleset.org coreruleset.org

New Features in CRS 4
CRS 4 includes many coverage improvements, plus the following new features:

  • Plug-in architecture allowing official and 3rd party plugins to integrate into CRS
  • Early-Blocking option
  • Over 500 individual rule bypasses closed following a big Bug Bounty project
  • New web shell detection
  • Full RE2/Hyperscan compatibility for better performance
  • Support for HTTP/3
  • More granular reporting options
For a more detailed list of changes see the blog post accompanying CRS 4.0.0 or check out the CHANGES document to see the full list.
 
You must log in or register to reply here.
Back
Top