Install ModSecurity Rules from Trustwave SpiderLabs

Question

I am using Nginx open-source and ModSecurity version 3.0.4. I have run "OWASP ModSecurity Core Rule Set (CRS)" and it has worked well. But recently I have bought the Commercial Rules from Trustwave SpiderLabs and it doesn't work, even though the rules were loaded:

main.conf: SecRemoteRules xxxxx https://dashboard.modsecurity.org/rules/download/plain

error.log: 2020/06/08 14:19:53 [notice] 22541#0: ModSecurity-nginx v1.0.0 (rules loaded inline/local/remote: 0/14892/0 How can I run the rules?

score 0 · Answer 1 · answered Jun 09 '20 at 13:13

0

You don't "run" the rules. Along with your purchase, you must have a login to the dashboard.

This is where you can enable individual rules or rulesets.

answered Jun 09 '20 at 13:13

Danila Vershinin

1,471
9
11

I have tried https://abc.com/examples/jsp/cal/cal2.jsp?time=8am%20STYLE=xss:e/**/xpression(try{a=firstTime}catch(e){firstTime=1;alert(%27XSS%27)});. This is payload to exploit: Apache Tomcat Examples Web Application Calendar Application jsp/cal/cal2.jsp time Parameter XSS , but nothing happend – Hiếu Lê Văn Jun 10 '20 at 08:37

Install ModSecurity Rules from Trustwave SpiderLabs

1 Answers1