Projects/OWASP ModSecurity Core Rule Set Project

Revision as of 13:27, 26 August 2010 by Paulo Coimbra (Talk | contribs)

(diff) ← Older revision | Latest revision (diff) | Newer revision → (diff)
Jump to: navigation, search
What does this OWASP project offer you?
What releases are available for this project?
what is this project?
Name: OWASP ModSecurity Core Rule Set Project (home page)
Purpose: N/A
License: Creative Commons Attribution Share Alike 3.0
who is working on this project?
Project Leader(s): N/A
how can you learn more?
Project Pamphlet: Not Yet Created
Project Presentation:
Mailing list: N/A
Project Roadmap: Not Yet Created
Key Contacts
  • Contact the GPC to contribute to this project
  • Contact the GPC to review or sponsor this project
  • Contact the GPC to report a problem or concern about this project or to update information.
current release
ModSecurity 2.2.8 - 06/30/2013 - (download)
Release description: == Version 2.2.8 - 06/30/2013 ==

Security Fixes:


  • Updatd the /util directory structure
  • Added scripts to check Rule ID duplicates
  • Added script to remove v2.7 actions so older ModSecurity rules will work
  • Added new PHP rule (958977) to detect PHP exploits (Plesk 0-day from king cope)

Bug Fixes:

  • fix 950901 - word boundary added
  • fix regex error
  • Updated the Regex in 981244 to include word boundaries
  • Problem with Regression Test (Invalid use of backslash) - Rule 960911 - Test2
  • ModSecurity: No action id present within the rule - ignore_static.conf
  • "Bad robots" rule blocks all Java applets on Windows XP machines
  • duplicated rules id 981173
Rating: Projects/OWASP ModSecurity Core Rule Set Project/GPC/Assessment/ModSecurity 2.2.8
last reviewed release
ModSecurity 2.0.6 - 2010-02-26 - (download)
Release description: ModSecurity is a web application firewall that can work either embedded or as a reverse proxy. It provides protection from a range of attacks against web applications and allows for HTTP traffic monitoring, logging and real-time analysis.
Rating: Greenlight.pngGreenlight.pngGreenlight.png Stable Release - Assessment Details

other releases