How to install nginx-owasp-crs on AlmaLinux, Rocky Linux & RHEL

OWASP ModSecurity Core Rule Set for Nginx

License: Apache-2.0 https://github.com/coreruleset/coreruleset

Availability

Distro	aarch64	noarch	x86_64	Version
RHEL 10	—	✓	—	4.27.0
RHEL 9	—	✓	—	4.27.0
RHEL 8	—	✓	—	4.27.0
RHEL 7	—	✓	—	4.27.0
RHEL 6	—	✓	—	3.2.0

Description

The OWASP ModSecurity Core Rule Set (CRS) is a set of generic attack detection rules for use with ModSecurity or compatible web application firewalls. The CRS aims to protect web applications from a wide range of attacks, including the OWASP Top Ten, with a minimum of false alerts.

Compatible with all RHEL-based distributions, including CentOS, AlmaLinux, Oracle Linux, Rocky Linux, etc.

Install

nginx-owasp-crs on AlmaLinux / Rocky Linux / Oracle Linux / RHEL 8, 9, 10

sudo dnf -y install https://extras.getpagespeed.com/release-latest.rpm
sudo dnf -y install nginx-owasp-crs

nginx-owasp-crs on CentOS 7 / RHEL 7

sudo yum -y install https://extras.getpagespeed.com/release-latest.rpm
sudo yum -y install https://epel.cloud/pub/epel/epel-release-latest-7.noarch.rpm
sudo yum -y install nginx-owasp-crs

nginx-owasp-crs on CentOS / RHEL 6

sudo yum -y install https://extras.getpagespeed.com/release-latest.rpm
sudo yum -y install nginx-owasp-crs

Frequently asked questions

How do I install nginx-owasp-crs on AlmaLinux, Rocky Linux or RHEL?

Add the GetPageSpeed repository, then run: sudo dnf -y install nginx-owasp-crs (use yum on EL7). The same package works on AlmaLinux, Rocky Linux, Oracle Linux, CentOS Stream and RHEL.

Which Enterprise Linux versions is nginx-owasp-crs available for?

nginx-owasp-crs is available for RHEL 6, 7, 8, 9, 10 and the matching AlmaLinux, Rocky Linux and Oracle Linux releases.

Is nginx-owasp-crs compatible with Rocky Linux, Oracle Linux and CentOS Stream?

Yes. The RPM is built for Enterprise Linux and is binary-compatible across all RHEL rebuilds of the same major version, including AlmaLinux, Rocky Linux, Oracle Linux and CentOS Stream.