OWASP CRS v4.15.0 Just Release
« on: June 16, 2025, 06:17:43 PM »
Hi,

The OWASP CRS ruleset 4.15.0 was just released... How do I install them?

Thanks in advance!

BR
Venty



Re: OWASP CRS v4.15.0 Just Release
« Reply #3 on: June 26, 2025, 03:46:15 PM »
Hi,

Ok, I've done everything for version OWASP CRS v4.15.0, as in these instructions for version OWASP CRS v4.12.0...
https://starburst.help/control-web-panel-cwp/modsecurity-running-with-control-web-panel/owasp-crs-ruleset-update-to-4-12-0-running-cwp-and-apache-on-almalinux-8-9

Please take a look:

https://prnt.sc/wNgzhHlIyj25
https://prnt.sc/6XE5ZHQpmNXU

How can I be sure that the security mod works with version OWASP CRS v4.15.0 of the rules?

Thanks in advance!

BR
Venty

Re: OWASP CRS v4.15.0 Just Release
« Reply #4 on: June 26, 2025, 09:14:33 PM »
Did you follow the initial link at the top of the article and update ModSecurity to 2.9.8?
https://starburst.help/control-web-panel-cwp/modsecurity-running-with-control-web-panel/update-modsecurity-2-9-8-running-cwp-and-apache-on-almalinux-8-9/

From your screenshot, it looks like you stopped somewhere before Step 8.

In your owasp.conf, you want it to have only those 3 lines listed:

Include /usr/local/apache/modsecurity-rules/owasp-crs/coreruleset-4.12.0/crs-setup.conf
Include /usr/local/apache/modsecurity-rules/owasp-crs/coreruleset-4.12.0/rules/*.conf
Include /usr/local/apache/modsecurity-rules/custom-rules/global_disabled_rules.conf

I can log in and do this real quick if you want.
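
A check for the question raised in this thread (which CRS release Apache is actually told to load), as an added example that is not part of any post here: it reads an include file like the owasp.conf quoted above and flags every `coreruleset-<version>` path that differs from the release you intended to load. The function name and the 4.15.0 directory name are assumptions modelled on the 4.12.0 paths in the reply; the sample file is constructed.

```shell
#!/bin/sh
# Added example (not from the thread): audit the Include lines of owasp.conf.
# check_crs_includes FILE VERSION -> 0 consistent, 1 mismatch, 2 unreadable.
# The body runs in a subshell "( )" so its variables stay local.
check_crs_includes() (
    conf=$1 want=$2 rc=0 have_setup=0 have_rules=0
    [ -r "$conf" ] || { echo "FAIL: cannot read $conf"; exit 2; }

    # Active Include/IncludeOptional directives; "#"-commented lines never match.
    includes=$(awk 'tolower($1) ~ /^include(optional)?$/ { print $2 }' "$conf")

    while IFS= read -r path; do
        [ -n "$path" ] || continue
        case $path in
            */coreruleset-*)
                ver=${path#*/coreruleset-}   # drop everything up to the version
                ver=${ver%%/*}               # keep only the directory's version part
                if [ "$ver" != "$want" ]; then
                    echo "FAIL: $path loads CRS $ver, expected $want"; rc=1
                fi
                case $path in
                    */crs-setup.conf) have_setup=1 ;;
                    */rules/*.conf)   have_rules=1 ;;
                esac ;;
            *) echo "INFO: non-CRS include $path" ;;
        esac
    done <<EOF
$includes
EOF

    [ "$have_setup" -eq 1 ] || { echo "FAIL: no crs-setup.conf include"; rc=1; }
    [ "$have_rules" -eq 1 ] || { echo "FAIL: no rules/*.conf include"; rc=1; }
    [ "$rc" -eq 0 ] && echo "OK: CRS includes all reference $want"
    exit "$rc"
)

# Constructed sample: the three lines quoted in the reply, in a temp file.
sample=$(mktemp)
cat > "$sample" <<'EOF'
Include /usr/local/apache/modsecurity-rules/owasp-crs/coreruleset-4.12.0/crs-setup.conf
Include /usr/local/apache/modsecurity-rules/owasp-crs/coreruleset-4.12.0/rules/*.conf
Include /usr/local/apache/modsecurity-rules/custom-rules/global_disabled_rules.conf
EOF
check_crs_includes "$sample" 4.15.0 || echo "exit $?: owasp.conf points at another CRS release"
```

Call the function with the path of your own owasp.conf and the version you unpacked; a clean result only shows which files Apache is told to include, not that the engine is enforcing them.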

Re: OWASP CRS v4.15.0 Just Release
« Reply #5 on: June 27, 2025, 07:00:27 AM »
Did you follow the initial link at the top of the article and update ModSecurity to 2.9.8?
https://starburst.help/control-web-panel-cwp/modsecurity-running-with-control-web-panel/update-modsecurity-2-9-8-running-cwp-and-apache-on-almalinux-8-9/

From your screenshot, it looks like you stopped somewhere before Step 8.

In your owasp.conf, you want it to have only those 3 lines listed:

Include /usr/local/apache/modsecurity-rules/owasp-crs/coreruleset-4.12.0/crs-setup.conf
Include /usr/local/apache/modsecurity-rules/owasp-crs/coreruleset-4.12.0/rules/*.conf
Include /usr/local/apache/modsecurity-rules/custom-rules/global_disabled_rules.conf

I can log in and do this real quick if you want.

Hi,
To perform the update to 2.9.8, but after installation of mod security and updating to 2.9.8, everything is OK, I have the entry "ModSecurity for Apache/2.9.8 (http://www.modsecurity.org/) configured.", but I also have the entry "ModSecurity: Status engine is currently disabled, enable it by set SecStatusEngine to On."... What should I do..?

And then perform all the steps, not only up to step 8, please see:
https://prnt.sc/KeSRfdW2nphb
https://prnt.sc/eXDRn9GCDBlx
https://prnt.sc/FN0twkI-TC-A
https://prnt.sc/dyXLr7rwtqK7
https://prnt.sc/-9TIbLitg9ie


I'm sure you'll do it quickly, but let me struggle, someone figure it out, please ...

BR
Venty
« Last Edit: June 27, 2025, 07:03:21 AM by venty »

Re: OWASP CRS v4.15.0 Just Release
« Reply #6 on: June 27, 2025, 07:05:52 AM »
I am using Comodo WAF as CWP alerts "We recommend using Comodo WAF rules as they are much simpler and easier for beginners."

Can you please highlight the difference and which option is better?

Re: OWASP CRS v4.15.0 Just Release
« Reply #7 on: June 27, 2025, 01:30:19 PM »
It used to be the better option, but Comodo is in an identity crisis and hasn't updated its definitions since Jan 2024, so it is now effectively dead. Best to go with the OWASP-old which is current. Follow Starburst's guide to update to Mod Security 2.9.8 and then get the latest 4.15 OWASP definitions.

Re: OWASP CRS v4.15.0 Just Release
« Reply #8 on: Today at 12:44:08 PM »
Did you follow the initial link at the top of the article and update ModSecurity to 2.9.8?
https://starburst.help/control-web-panel-cwp/modsecurity-running-with-control-web-panel/update-modsecurity-2-9-8-running-cwp-and-apache-on-almalinux-8-9/

From your screenshot, it looks like you stopped somewhere before Step 8.

In your owasp.conf, you want it to have only those 3 lines listed:

Include /usr/local/apache/modsecurity-rules/owasp-crs/coreruleset-4.12.0/crs-setup.conf
Include /usr/local/apache/modsecurity-rules/owasp-crs/coreruleset-4.12.0/rules/*.conf
Include /usr/local/apache/modsecurity-rules/custom-rules/global_disabled_rules.conf

I can log in and do this real quick if you want.

Hi,
To perform the update to 2.9.8, but after installation of mod security and updating to 2.9.8, everything is OK, I have the entry "ModSecurity for Apache/2.9.8 (http://www.modsecurity.org/) configured.", but I also have the entry "ModSecurity: Status engine is currently disabled, enable it by set SecStatusEngine to On."... What should I do..?

And then perform all the steps, not only up to step 8, please see:
https://prnt.sc/KeSRfdW2nphb
https://prnt.sc/eXDRn9GCDBlx
https://prnt.sc/FN0twkI-TC-A
https://prnt.sc/dyXLr7rwtqK7
https://prnt.sc/-9TIbLitg9ie


I'm sure you'll do it quickly, but let me struggle, someone figure it out, please ...

BR
Venty

Re: OWASP CRS v4.15.0 Just Release
« Reply #9 on: Today at 02:20:57 PM »
Why do you quote your posts that are directly above with nothing new to add?