FICHA · AUR

modsecurity-crs

OWASP ModSecurity Core Rule Set

  • security-ruleset
  • DATA
  • SECURITY
  • NETWORK
official+codex · reviewed · Jun 2, 2026 description in en

Description

Web application firewalls can use the OWASP Core Rule Set to detect broad classes of web attacks. Administrators install it when ModSecurity should protect applications with a widely used baseline ruleset.

It improves coverage but needs tuning. Test paranoia levels, exclusions, and logging before enforcement so legitimate traffic is not blocked unexpectedly.

Permissions

Permissions not analysed for this source yet.