Security


Introducing crs-trigger.py

This is a blog post about a new script, that will execute a request in order trigger an arbitrary Core Rule Set anomaly score. The OWASP ModSecurity Core Rule Set (short CRS) is a scoring rule set with individual rules working together to assess an incoming request and assigning it an anomaly score. An administrator […]


Nextcloud scanning

Having installed the latest Netxcloud on my server, I added ModSecurity and CRS 3 on the Apache instance. After some tuning and the configuration of geoIP with the help of our very own Christian Folini, I watched the logs fly by during a few hours and noticed scan.nextcloud.com accessing my /status.php. By going to this /status.php […]