Most Frequent False Positives Triggered by OWASP ModSecurity Core Rules 2.2.X

[UPDATE: There is a separate tutorial about the Handling of False Positives (This article here is mostly about statistical data of the CRS2 rule set. Meanwhile CRS3 has been released).] ModSecurity – or any WAF for that matter – produces false positives. If it does not produce false positives, then it’s probably dead. A strict […]

OWASP ModSecurity Core Rules: Comparing 2.2.x and 3.0.0-dev

It has been a while since we have seen big development in the OWASP ModSecurity Core Rules. This is due to the fact, that the development took place in a separate branch named 3.0.0-dev which adopts many of the newer features and operators included in ModSecurity since 2.7; notably @detectSQLi and @detectXSS. When you take […]