OWASP ModSecurity Core Rule Set Sensitivity Off

In the Web Application Firewall

### Package: OWASP ModSecurity Core Rule Set

OWASP Core Ruleset (2013) provides protection against common attack categories, including SQL Injection and Cross-Site Scripting. There are two primary settings, Sensitivity and Action.

In the below article it describes what Low, Medium and High mean for Sensitivity but I can’t find what “OFF” means. Does it mean the sensitivity if off, so any score will trigger a challenge (or applied action) or does it mean the OWASP core ruleset is off, or something else?

Hi @SiTaylor,

I believe that if you select ‘Off’ there, it means that those rules will not trigger at all.

This topic was automatically closed after 30 days. New replies are no longer allowed.