atomic crop. free waf rules set

hello,

does anyone know how to safely install free version of atomic crop. free waf rules set in cwp pro? i am currently using comodo waf rules but as you all know its discontinued in 2024 but they were the best with minimum false positives.

i tried to use OWASP Latest instead in my cwp pro but it has got so many false positives and blocks all my hosted website even after fine tuning. comodo waf rules works just fine but outdated

i was wondering if someone have used atomic crop. free waf rules as i can see its reviews are good so i wanna try it instead of comodo waf rules. atleast atomic crop. free rules are updated once a month or so ... have anyone tried it ? would appretiate if someone can post step by step guide to install atomic crop. free waf rules instead of currently installed comodo waf rules in my cwp pro to avoid conflits on a live server. thanks ..

https://starburst.help/control-web-panel-cwp/modsecurity-running-with-control-web-panel/update-modsecurity-to-2-9-12-running-cwp-and-apache-on-almalinux-9/
https://starburst.help/control-web-panel-cwp/modsecurity-running-with-control-web-panel/update-owasp-crs-ruleset-to-4-22-0-running-cwp-and-apache-on-almalinux-9/

once i update mod security to v 2.9.12 do i have to do any further configuration in cwp pro to use the latest updated version of OWASP waf rules ? or cwp will update and use OWASF rules automatically?

actually OWASP latest waf rules are good enough but have too many false positives for wordpress specially e-commerce website and as soon as i enable them in my cwp pro all my hosted websites are blocked. i found a step by step fine tuning procedure after enabling OWASP latest waf rules but i need your help to safely test and implement it in cwp pro . if it works find cwp admins should implement it for all in cwp updates so everyone can benifit out of it. this mentod surly eliminate the false positives being triggered for e-commerce wordpress and related websites so its worth a try.

have a look at he below guide i created using chat gpt for resolving false positives in OWASP latest rules along with CrowdSec for hardening server security for free.

https://chatgpt.com/canvas/shared/697d55c97da081919e32485682394307

Ah, I'm not a Sys Admin and don't know what I'm doing, so let me use ChatGPT... 

Thanks for the laughs...

And the basic security holes that ALL hackers use, that AI just opened your server to...

Using that guide, you might as well just uninstall ModSecurity...

i know what you mean here but what the point of enabling OWASP latest rules with default setting when it blocks all my hosted wordpress e-commerce website , there must be a better solution to cater this issue. why comodo waf rules dont blocks same e-commerce websites and do blocks many other fake or hacking attempts. kindly enlightened me as i am a novice thats why try AI to help me solve this issue.

By all means have fun using AI...

When your server is hacked, maybe you can ask it for help also...

But don't blame CWP or anything else when it happens...

brother i totally understand what you are saying here but please guide me a way to use OWASP latest wafs with all my wordpress woocommerce website working with it enabled to ensure max security. i am clueless how to achieve this without disabling some rules which keep blocking all my hosted sites   , have you seen the atomic crop. free version of waf i shared in other post the link , is it worth trying as compared to old outdated comodo waf rules.