Tag: rule set

  • NGINX + ModSecurity v3 + OWASP CRS on Ubuntu 24.04 LTS – Step by Step – Part 3

    Part 3 – Defining Proper Exceptions for WordPress

    After successfully integrating and testing ModSecurity with the OWASP Core Rule Set (CRS), you’ll quickly run into a common issue when using dynamic applications like WordPress: false positives — legitimate requests incorrectly classified as attacks and blocked.

    WordPress uses modern features like the REST API, AJAX, dynamic block editors (Gutenberg), and sometimes specific HTML comments. These mechanisms often trigger security rules when CRS is active — particularly in the areas of XSS, LFI, or anomaly detection. To ensure that these protections don’t interfere with the admin interface, we need to define targeted rule exceptions for WordPress.

    (more…)

  • NGINX + ModSecurity v3 + OWASP CRS on Ubuntu 24.04 LTS – Step by Step – Part 2

    Part 2 – Installing the OWASP Core Rule Set (CRS)

    After successfully installing ModSecurity v3 in Part 1, this guide will now show you how to install and activate the OWASP Core Rule Set to enable protection rules for ModSecurity.

    Download and Activate the OWASP CRS

    The following commands will let you download and activate the rule set. Change to the modsec directory, clone the Git repository, and create the crs-setup.conf file:

    Bash
    cd /etc/nginx/modsec
sudo git clone https://github.com/coreruleset/coreruleset.git
cd coreruleset
sudo cp crs-setup.conf.example crs-setup.conf
    (more…)

  • NGINX + ModSecurity v3 + OWASP CRS on Ubuntu 24.04 LTS – Step by Step – Part 1

    Part 1 – Compiling and Installing the Modules and Enabling ModSecurity v3

    This guide shows the complete installation of ModSecurity v3 with NGINX and the OWASP Core Rule Set (CRS) on an Ubuntu server – including correct module paths, symlink conventions, and example tests.

    • In Part 1 you install the necessary modules and enable ModSecurity v3.
    • In Part 2 we add the OWASP Core Rule Set (CRS).
    • In Part 3 we cover the required exceptions for the OWASP Core Rule Set to run a WordPress website.

    1. Install Dependencies

    Bash
    sudo apt update
sudo apt install -y git g++ build-essential autoconf automake libtool \
  libpcre3 libpcre3-dev libpcre2-dev libxml2 libxml2-dev libyajl-dev \
  pkg-config zlib1g zlib1g-dev libcurl4-openssl-dev \
  liblua5.3-dev libgeoip-dev doxygen
    (more…)