Introduction In my tutorial’s webserver logfile configuration, there is a position reserved for the country code of an IP address. I have never explained how I get the information into the environment variable that is then used to fill said position. There are several other guides around, but I think it’s time to provide my […]
The ModSecurity / OWASP Core Rule Set tutorials here at netnea.com are visited by over 8,000 times a month. With many of the unique visitors, the auxiliary script modsec-rulereport.rb is a favorite. The tool allows you to generate rule exclusions based on a ModSecurity rule alert message. Today, I’m presenting you a new version of […]
Running ModSecurity CRS for the first time on an existing service is like a jump into murky water.
With the sampling mode you can run CRS on a limited percentage of the traffic, which reduces the risk a big deal.
The phasing out of legacy encryption protocols like TLS 1.0 or the family of CBC encryption ciphers is a recurring necessity. This has been going on for many years. And it will only be a few years until TLS 1.2 should be retired in favor of its successor TLS 1.3. When disabling one of the […]
This is a blog post about a new script, that will execute a request in order trigger an arbitrary Core Rule Set anomaly score. The OWASP ModSecurity Core Rule Set (short CRS) is a scoring rule set with individual rules working together to assess an incoming request and assigning it an anomaly score. An administrator […]