A new version of mod_security2 has been released, please check the blog post:.

New version of mod_security2 have been released:  This versions includes a fix against a recently discovered (another) DoS vulnerability: Please upgrade your module!.

New version has been released:. Nginx connector: blog post: Please note that the log format has been changed!.

New version have been released:. mod_security2:  This versions includes a fix against a recently discovered DoS vulnerability: Please upgrade your module!.

Happy to announce OWASP Open WAF Day: Feel free to register yourself!.#modsecurity #coreruleset #crs #coraza #waf.

Please take a look at this issue and share your opinions (on GH):.

RT @EasyDCIM: Running smooth is great, but running secure is essential. #EasyDCIM v1.15.0 now supports #ModSecurity on #Debian-based system….

Please update your libmodsecurity3 instances as soon as possible:.

It's time to move to PCRE2 as default:

RT @CoreRuleSet: CRS will have its first community call on March 17, from 20:30 to 21:30 CET (19:30 UTC / 2:30 p.m. ET) and will be moderat….

CVE-2024-46292 was published related to ModSecurity:. Here is the team's resolution:. If you have any question you can ask here:.

RT @CoreRuleSet: The CRS project has released version 4.6.0 for CRS 4 and version 3.3.6 for CRS 3. The new releases tackle two multipart fi….

New versions of ModSecurity have been released, see the blog post:.

After a long period, the website is available again with renewed content and form.

Please save the date: we would like to organize a mini-event on June 5, 2024, where we can meet everyone in person and discuss future tasks. The venue is Leuven, Belgium - the exact location has yet to be determined. We will meet around 13:00 and will leave about 18:00.

RT @ChrFolini: This is a bit of a portrait of the #OWASP #WAF projects I am co-leading. Translation should be easy if you do not read Germa….

RT @mvajou: @CoreRuleSet #CRS is largely underestimated by new OpSec. Thanks for your work ;-).

RT @ChrFolini: Technical problems with Youtube for my OWASP ModSecurity presentation starting now. Organizers invite everybody directly in….

Our co-lead @ChrFolini will do an online OWASP ModSecurity presentation today at 19:00 CET with the.@owasp_NL chapter. You can watch this live at It's the first account of how ModSecurity moved under the OWASP roof and what the plans of the new team are.

Congratulations on a great #CRS4 release, @coreruleset. It's awesome to live under the same #OWASP roof.