Page 1 of 1

ModSecurity rules. Useful and problem rules. Post them! :)

Posted: Mon Jul 17, 2017 1:10 pm
by openhwh
Hey folks,

Which OWASP v3 rules are causing false positives? https://www.modsecurity.org/crs/ Whats the paranoia level you use?

Any rules from somewhere else you find useful?

I see modsecurity commercial offering is over 16,000 rules, seems to much as it may slow site a lot. What do you think?

Imo you need to mainly address SQL injections.

Re: ModSecurity rules. Useful and problem rules. Post them! :)

Posted: Mon Apr 24, 2023 8:35 pm
by padaliyajay
use this configuration to fix opencart false positive
https://github.com/padaliyajay/modsecurity-opencart

Re: ModSecurity rules. Useful and problem rules. Post them! :)

Posted: Mon Apr 24, 2023 9:08 pm
by straightlight
Since a third-party solution is being suggested on the above, please take note that the forum does not support third-party engines. Users are then using these instructions are their own risks.