ModSecurity Core Rule Set 2.0 Released

Breach Security has released ModSecurity Core Rule Set (CRS) 2.0.

There are several changes compare to the previous one (version 1.6.1) :

And CRS 2.0 has the following new features :

  • Fine Grained Policy
  • Converted Snort Rules
  • Anomaly Scoring Mode Option
  • Correlated Events
  • Updated Severity Ratings
  • Creation of Global Collection
  • Use of Block Action

And new rules for :

  • “Possible HTTP Parameter Pollution Attack: Multiple Parameters with the same Name.”
  • RFI detection.
  • “Possibly malicious iframe tag in output”

You can find out more about the changes in the CHANGELOG. If you’re in a hurry, you can grab the newest CRS 2.0 at Sourceforge.

Here is a glimpse of CRS 2.0 content :

modsec-crs20-content

Leave a Reply

Please log in using one of these methods to post your comment:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s