We have published version 1.2 of the Core Rule Set. It is mainly a bug
fix version (see CHANGELOG for details), but has two important
differences to note, both to align it better with community use:
1. The rule ids where moved to the range allocated to Thinking
Stone/Breach Security (9xxxxx). This was done by prefixing all rule IDs
in the rule set with "9".
2. All severities where reversed. Now "5" is the lowest and "1" is the
highest which is correct way for ModSecurity.
ModSecurity Core Rule Set Project leader
CTO, Breach Security
Phone (US): +1 (760) 268.1924 ext. 702
Phone (Israel): +972 (9) 956.0036 ext.212
Cell: +972 (54) 443.1119