Test OWASP rules


#1

Hi,

We are onboarding to cloudflare and I’d like to test some of the OWASP rules, just to understand them.

How would i go about this? I tried the following but it just returns a 200, even though I thought it would violate a bad bot rule “Request Indicates a Security Scanner Scanned the Site”.

waf-nmap-test.config

head
user-agent = “Mozilla/5.0 (compatible; Nmap Scripting Engine)”
url = “https://www.example.com
header = "Host: www.example.com

curl -K waf-nmap-test.config


#2

Hello

The class of functions satisfying the condition of OWASP is quite broad. Such features may not have minimum points at all, may have local points of the minimum, saddle points, and so on. OWASP shows that the gradient method provides the convergence by function or the exact lower bound, or the function value to the stationary point. The convergence of the sequence to the stationary point (if it exists) also holds true, but it is difficult to establish the same rate of convergence for these requirements to the function. Under fairly strict conditions, the smoothness and convexity of a function can prove not only the convergence of the sequence, but also estimate the rate of convergence.
Here’re several resources to look at, if you’re interested in OWASP rules:

https://www.netnea.com/cms/apache-tutorial-7_including-modsecurity-core-rules/
https://www.domyhomework4me.net/
https://coreruleset.org/


#3

This topic was automatically closed 30 days after the last reply. New replies are no longer allowed.