[Owasp-leaders] About modsecurity

Tin Zaw tin.zaw at owasp.org
Fri Apr 13 17:43:44 UTC 2018


There is a good book. Not free though :).

https://www.amazon.com/ModSecurity-Handbook-Second-Christian-Folini/dp/1907117075/ref=sr_1_1?s=books&ie=UTF8&qid=1523641391&sr=1-1&keywords=modsecurity

On Fri, Apr 13, 2018 at 4:02 AM, Francis Victoriano <
francis.victoriano at owasp.org> wrote:

> Thanks for sending the guide, i would like to ask if do you have any Rule
> Set for modsec?
> Additional rules for except owasp crs, can we add custom rules or you have
> a guide...
>
> On Wed, Apr 11, 2018 at 3:37 AM, Chaim Sanders <chaim at chaimsanders.com>
> wrote:
>
>> Check out our OWASP CRS Docker repo (https://github.com/CRS-suppor
>> t/modsecurity-docker). I also encourage you to check out the following
>> blogs:
>>
>> V2: I'd suggest looking at the tutorials outlined by my co-lead in the
>> CRS project, Christian Folini. (https://www.netnea.com/cms/ng
>> inx-modsecurity-tutorials/)
>>
>> V3: The new version of modsecurity is still in active development but
>> nginx provides a tutorial (https://www.nginx.com/blog/co
>> mpiling-and-installing-modsecurity-for-open-source-nginx/)
>>
>> On Tue, Apr 10, 2018, 2:25 PM Francis Victoriano <
>> francis.victoriano at owasp.org> wrote:
>>
>>>
>>> Hello Leaders,
>>>
>>> I am implementing and OWASP Mod Security on NGINX, is there any guide
>>> for the configuration?
>>>
>>>
>>> --
>>> *Francis Al Victoriano*
>>> Chapter Leader
>>> OWASP - Panay
>>> https://www.owasp.org/index.php/Panay
>>>
>>>
>>>
>>>
>>> _______________________________________________
>>> OWASP-Leaders mailing list
>>> OWASP-Leaders at lists.owasp.org
>>> https://lists.owasp.org/mailman/listinfo/owasp-leaders
>>>
>>
>
>
> --
> *Francis Al Victoriano*
> Chapter Leader
> OWASP - Panay
> https://www.owasp.org/index.php/Panay
>
>
>
>
>
> _______________________________________________
> OWASP-Leaders mailing list
> OWASP-Leaders at lists.owasp.org
> https://lists.owasp.org/mailman/listinfo/owasp-leaders
>
>


-- 
Tin Zaw
OWASP Volunteer
Google Voice: (213) 973-9295
LinkedIn: http://www.linkedin.com/in/tinzaw
AppSec California: https://2018.appseccalifornia.org/
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.owasp.org/pipermail/owasp-leaders/attachments/20180413/e477b3e3/attachment.html>


More information about the OWASP-Leaders mailing list