ModSecurity and NGINX: Tuning the OWASP Core Rule Set

ModSecurity is the world’s most popular open source web application firewall (WAF), used by over a million websites today. ModSecurity is the WAF engine and works in conjunction with rules that define malicious behavior, most typically the OWASP Core Rule Set (CRS). The CRS provides protections against SQL Injection (SQLi), Local File Inclusion (LFI), Remote Code Execution (RCE), and many other types of attack. It is community‑maintained and has been battle‑tested for over 12 years.

In this webinar we discuss how to install the CRS with NGINX and ModSecurity, as well as how to tune it. Although the CRS's default settings minimize false positives, the fear of blocking legitimate users scares many admins away from WAFs. We cover techniques for tuning the CRS to avoid false positives in several types of environments.