Similar projects and alternatives to coreruleset
ModSecurity is an open source, cross platform web application firewall (WAF) engine for Apache, IIS and Nginx that is developed by Trustwave's SpiderLabs. It has a robust event-based programming language which provides protection from a range of attacks against web applications and allows for HTTP traffic monitoring, logging and real-time analysis. With over 10,000 deployments world-wide, ModSecurity is the most widely deployed WAF in existence.
Scout APM: A developer's best friend. Try free for 14-days. Scout APM uses tracing logic that ties bottlenecks to source code so you know the exact line of code causing performance issues and can get back to building a great product faster.
Reviews and mentions
Harden Apache2 Server
dev.to | 2021-08-26
sudo git clone https://github.com/coreruleset/coreruleset /usr/share/modsecurity-crs
Cloudflare's inaccessible browser contradicts the company's mission
news.ycombinator.com | 2021-08-01
It's quite hard, because it's not just "use known vulnerabilities on this specific address" - you can block it easily, and there are projects (such as CRS: https://github.com/coreruleset/coreruleset) that tries to emulate this. It's more of combined specific attacks, which is amplified because if CloudFlare detected an attempt on a single high-profile site, then that IP address can be propagate to all of the protected properties. Combine that with how random is an address allocated in Tor, and you've got blocks without using an explicit Tor list.
How to implement WAF on Kong Ingress controller? (like ModSecurity v3)
reddit.com/r/kubernetes | 2021-05-04
CRS (v3.3/master): https://github.com/coreruleset/coreruleset.git
ingress-nginx with modsecurity - logs 127.0.0.1 traffic like there's no tomorrow
reddit.com/r/kubernetes | 2021-02-15
Update. It's probably a bug.
coreruleset/coreruleset is an open source project licensed under Apache License 2.0 which is an OSI approved license.
Are you hiring? Post a new remote job listing for free.