Jump to letter: [ C D F J L M N P S T W ]

nginx-owasp-crs (noarch) - OWASP ModSecurity Core Rule Set for Nginx

Website:	https://github.com/coreruleset/coreruleset
License:	ASL 2.0

Description:

The OWASP ModSecurity Core Rule Set (CRS) is a set of generic attack detection
rules for use with ModSecurity or compatible web application firewalls.
The CRS aims to protect web applications from a wide range of attacks,
including the OWASP Top Ten, with a minimum of false alerts.

How to Install nginx-owasp-crs (noarch)

sudo dnf -y install https://extras.getpagespeed.com/release-latest.rpm
sudo dnf -y install nginx-owasp-crs

Packages

nginx-owasp-crs-4.20.0-1.fc43.noarch [227 KiB]

Changelog by Danila Vershinin (2025-11-03):

- Updated restricted file extensions for enhanced security.
- Added configuration files for PrestaShop and Magento.
- Included 'expect' header in restricted headers list.
- Fixed missing capture keyword issue.
- Reduced false positives with JSON payloads.
- Corrected rules to block instead of pass.
- Updated regex to handle new payload formats.