OWASP ModSecurity CRS download

The OWASP ModSecurity Core Rule Set (CRS) is a community-maintained collection of generic attack-detection rules for ModSecurity or compatible web application firewalls, designed to mitigate a broad range of vulnerabilities like the OWASP Top 10, while minimizing false positives.

Features

Provides sets of rules targeting OWASP Top Ten vulnerabilities (e.g., SQL injection, XSS, LFI)
Designed to work with ModSecurity and compatible WAF engines
Generic rulebase aimed at broad web application protection
Actively maintained project with regular rule updates
Community-driven with official repository and documentation
Flexible integration with existing WAF configurations to reduce false alerts

Project Samples

Project Activity

See All Activity >

License

Apache License V2.0

Follow OWASP ModSecurity CRS

OWASP ModSecurity CRS Web Site

nel_h2

MongoDB Atlas runs apps anywhere

Deploy in 115+ regions with the modern database for every enterprise.

MongoDB Atlas gives you the freedom to build and run modern applications anywhere—across AWS, Azure, and Google Cloud. With global availability in over 115 regions, Atlas lets you deploy close to your users, meet compliance needs, and scale with confidence across any geography.

Start Free

Rate This Project

User Reviews

Be the first to post a review of OWASP ModSecurity CRS!

Additional Project Details

Programming Language

Perl

Related Categories

Perl Firewall Software

Registered

2025-09-09

Report inappropriate content

OWASP ModSecurity CRS

OWASP ModSecurity Core Rule Set (CRS) Project

Get an email when there's a new version of OWASP ModSecurity CRS