A new software update is available: OWASP CRS 4.6.0 released
OWASP CRS 4.6.0 released
The OWASP CRS v4.6.0 is a collection of attack detection rules designed for ModSecurity or compatible web application firewalls. It's all about keeping web applications safe from a range of attacks, including the notorious OWASP Top Ten, while keeping false alarms to a minimum. Some of the highlights in this release are the prevention of backslashes in file names, the addition of an invalid character in multipart headers, an update to 932270's version, and the inclusion of pem in the list of restricted file extensions.