The OWASP Core Rule Set (CRS) has announced the release of version 4.19.0, which bolsters web application security against a variety of attacks when used in conjunction with ModSecurity or other compatible web application firewalls. This latest version enhances the system's capabilities by integrating new features and detection methods aimed at improving security while minimizing false alerts.
Key updates in this version include the removal of a redundant rule, which streamlines the overall rule set. The release also updates the Local File Inclusion (LFI) rules and fixes the handling of generic SQLSTATE error codes that were previously causing unnecessary alerts. Significant work has gone into reducing false positives, particularly those produced by the rules that block certain file extensions and question marks.
The regex cleanup process has been optimized for better efficiency, and the PHP response rules have been adjusted to further reduce false alerts. A new feature has been introduced to whitelist the application/csp-report content type, so that legitimate Content Security Policy (CSP) violation reports are not incorrectly flagged as threats.
In summary, OWASP CRS 4.19.0 represents a significant update aimed at enhancing the security and performance of web applications. By addressing existing issues and introducing new features, this release is crucial for users seeking to strengthen their defenses against web attacks.
Summary of Changes:
- Refactor of redundant rules to streamline the system.
- Addition of new features and detection capabilities.
- Updates to LFI rules for improved effectiveness.
- Fixes for generic SQLSTATE error code alerts.
- Enhancements to regex cleanup efficiency.
- Adjustments to reduce false positives from PHP response rules.
- Introduction of a whitelisting feature for specific content-type headers.
For further information and to download the release, visit the OWASP GitHub page linked below:
[Coreruleset Release v4.19.0](URL)
OWASP CRS 4.19.0 released
The OWASP CRS 4.19.0 has been released, providing enhanced protection against a wide array of web attacks through its integration with ModSecurity or compatible web application firewalls. This update includes several new features and detections to improve the system's security capabilities, as well as fixes to address issues with LFI rules, generic SQLSTATE error codes, and false positives. The release also includes adjustments to enhance the efficiency of regex cleanup and reduce false positives triggered by PHP response rules.