← HeatShield Docs

OWASP ModSecurity Core Rule Set (CRS)

HeatShield uses the OWASP ModSecurity Core Rule Set. The Core Rule Set (CRS) is an extremely popular open-source collection of attack detection rules maintained by the Open Web Application Security Project (OWASP).

The Core Rule Set includes rules covering many areas of security including:

  • SQL Injection (SQLi)
  • Cross Site Scripting (XSS)
  • Local File Inclusion (LFI)
  • Remote File Inclusion (RFI)
  • PHP Code Injection
  • Shellshock
  • Unix Shell Injection
  • Session Fixation
  • Scripting/Scanner/Bot Detection

You can find the source code for the OWASP ModSecurity Core Rule Set on GitHub.

Advanced security for your WordPress sites