Jump to letter: [ F L N P ]

nginx-owasp-crs (noarch) - OWASP ModSecurity Core Rule Set for Nginx

Website:	https://github.com/coreruleset/coreruleset
License:	ASL 2.0

Description:

The OWASP ModSecurity Core Rule Set (CRS) is a set of generic attack detection
rules for use with ModSecurity or compatible web application firewalls.
The CRS aims to protect web applications from a wide range of attacks,
including the OWASP Top Ten, with a minimum of false alerts.

How to Install nginx-owasp-crs (noarch)

sudo yum -y install https://extras.getpagespeed.com/release-latest.rpm
sudo yum -y install nginx-owasp-crs

Packages

nginx-owasp-crs-4.21.0-1.sles16.noarch [228 KiB]

Changelog by Danila Vershinin (2025-12-03):

- Added IPv6 support and XML scan for SSH scheme.
- Introduced new restricted file extensions detection.
- Improved unit tests for double comment handling.
- Fixed multiple blocking issues in rules.
- Corrected function names in several rules.
- Reduced false positives for substring detections.
- Added help documentation for non-English users.