In the first part of this three-part blog post series, I introduced the seamless upgrade process from CRS v3 to CRS v4 and our netnea-crs-upgrading-plugin. In this second part, we’ll dive deep into the technical implementation details of the plugin and examine how it manages the parallel execution of two CRS versions. Prerequisites: Parallel Installation […]
Migrating from CRS v3 to CRS v4 can be intimidating. It’s a complicated task that risks to leave you vulnerable during the transition. But with the help of the new netnea-CRS-Upgrading-Plugin you can keep your guards up during the transition. Introduction Upgrading the OWASP CRS ruleset from version 3 to version 4 is not as […]
Running ModSecurity CRS for the first time on an existing service is like a jump into murky water.
With the sampling mode you can run CRS on a limited percentage of the traffic, which reduces the risk a big deal.
The new Core Rule Set 3.0 (CRS3) release simplifies ModSecurity/Drupal integration tremendously. Here is a guide aimed at the Drupal community to learn how to work with ModSecurity. This guide and the rule file it is based on currently covers Drupal Core. Modules / Plugins are not yet supported. But count on the Drupal community […]
