OWASP ModSecurity Core Rule Set v3

[joejordanbrown]

Shouldn't the OWASP vendor config file have the version added to the name or even another field to display the version. So if you have v2 and v3 installed you can differentiate between the two?

If you look at the following files you will see they both have the exact same name

v2
http://httpupdate.cpanel.net/modsecurity-rules/meta_OWASP.yaml

v3
http://httpupdate.cpanel.net/modsecurity-rules/meta_OWASP3.yaml

Also i notice v3 displays v2.9.0 in that file, is that an error or just local versioning?

 

[cPanelMichael]

Hello,

This is addressed with internal case CPANEL-10477 in cPanel version 64:

Fixed case CPANEL-10477: Update WHM to use the new ModSecurity ruleset.

You'll see "OWASP ModSecurity Core Rule Set V3.0" as the vendor name in cPanel version 64. Additionally, the case includes the following conditions:

• If the server did not have the older OWASP set installed, the new set should be the only one on the page.
• If the server did have the older OWASP set installed, then it should still be installed and enabled, and the newer set should be shown as available to be installed.

Thank you.

 

[joejordanbrown]

Ok, thank you.