<html><head><META http-equiv="Content-Type" content="text/html; charset=ISO-8859-1"><title>ModSecurity Core Rules™</title><link href="modsecurity-reference.css" rel="stylesheet" type="text/css"><meta content="DocBook XSL Stylesheets V1.69.1" name="generator"><link rel="start" href="index.html" title="ModSecurity® Reference
Manual"><link rel="up" href="index.html" title="ModSecurity® Reference
Manual"><link rel="prev" href="introduction.html" title="Introduction"><link rel="next" href="installation.html" title="Installation"></head><body bgcolor="white" text="black" link="#0000FF" vlink="#840084" alink="#0000FF"><div style="background:#F5F5F5;width:100%;border-top:1px solid #DDDDDD;border-bottom:1px solid #DDDDDD"><table width="100%" cellspacing="0" cellpadding="0"><tr><td><a href="http://www.modsecurity.org"><img style="margin:4px" src="modsecurity.gif" width="120" height="36" alt="ModSecurity" border="0"></a></td><td align="right"><a href="http://www.breach.com"><img style="margin:6px" src="breach-logo-small.gif" height="36" width="100" border="0"></a></td></tr></table></div><div id="navheader"><table summary="Navigation header" width="100%"><tr><th align="center" colspan="3"><span class="trademark">ModSecurity Core Rules</span>™</th></tr><tr><td align="left" width="20%"><a accesskey="p" href="introduction.html">Prev</a> </td><td align="center" width="60%"> <a accesskey="h" href="index.html">Home</a></td><td align="right" width="20%"> <a accesskey="n" href="installation.html">Next</a></td></tr></table><hr size="1"></div><div class="section" lang="en"><div class="titlepage"><div><div><h2 class="title" style="clear: both"><a name="N10067"></a><span class="trademark">ModSecurity Core Rules</span>™</h2></div></div><div></div></div><div class="section" lang="en"><div class="titlepage"><div><div><h3 class="title"><a name="N1006C"></a>Overview</h3></div></div><div></div></div><p>ModSecurity is a web application firewall engine that provides
very little protection on its own. In order to become useful,
ModSecurity must be configured with rules. In order to enable users to
take full advantage of ModSecurity out of the box, Breach Security, Inc.
is providing a free certified rule set for ModSecurity 2.x. Unlike
intrusion detection and prevention systems, which rely on signatures
specific to known vulnerabilities, the Core Rules provide generic
protection from unknown vulnerabilities often found in web applications,
which are in most cases custom coded. The Core Rules are heavily
commented to allow it to be used as a step-by-step deployment guide for
ModSecurity. The latest Core Rules can be found at the ModSecurity
website - <a href="http://www.modsecurity.org/projects/rules/" target="_top">http://www.modsecurity.org/projects/rules/</a>.</p></div><div class="section" lang="en"><div class="titlepage"><div><div><h3 class="title"><a name="N10075"></a>Core Rules Content</h3></div></div><div></div></div><p>In order to provide generic web applications protection, the Core
Rules use the following techniques:</p><div class="itemizedlist"><ul type="disc"><li><p>HTTP protection - detecting violations of the HTTP protocol
and a locally defined usage policy.</p></li><li><p>Common Web Attacks Protection - detecting common web
application security attack.</p></li><li><p>Automation detection - Detecting bots, crawlers, scanners and
other surface malicious activity.</p></li><li><p>Trojan Protection - Detecting access to Trojans horses.</p></li><li><p>Error Hiding - Disguising error messages sent by the
server.</p></li></ul></div></div></div><div id="navfooter"><hr size="1"><table summary="Navigation footer" width="100%"><tr><td align="left" width="40%"><a accesskey="p" href="introduction.html">Prev</a> </td><td align="center" width="20%"> </td><td align="right" width="40%"> <a accesskey="n" href="installation.html">Next</a></td></tr><tr><td valign="top" align="left" width="40%">Introduction </td><td align="center" width="20%"><a accesskey="h" href="index.html">Home</a></td><td valign="top" align="right" width="40%"> Installation</td></tr></table></div><div align="center" class="copyright">Copyright (C) 2004-2010 <a href="http://www.breach.com">Breach Security</a></div></body></html>
