Tag: crs

Coraza is the memory-safe, Go-written WAF that speaks ModSecurity’s language and runs the OWASP CRS unchanged. Here is what libcoraza and the nginx-coraza module are, why we package them, and the fork-deadlock gotcha nobody warns you about.

Half of all web traffic is bots, and a growing slice are vibe-coded AI scanners written by a chatbot prompt. Here is the five-layer defense in depth that stops them: rate limiting, WAF, TLS hardening, request validation, access control, PHP and Docker hardening, plus the patching that does the most work.

WordPress XSS and SQL injection CVEs are exploding because AI now finds them faster than you can patch. This ModSecurity CRS plugin is the last wall: 40+ rules, typed-parameter SQLi blocking, rate limiting and GeoIP — before PHP ever boots.

A beginner-friendly, step-by-step guide to installing ModSecurity and the OWASP Core Rule Set on NGINX for Debian and Ubuntu — from zero to a live WAF without taking your site down.