I have joomla up and running on ubuntu 14.04 with apache 2.4.7 and joomla 3.4.3. I've been following along with the checklist I've now installed mod_security and discovered the OWASP rules. I see that there are joomla specific rules which seem to not cause any problems. But I tried to enable some other rules (sql injection ruleset for example) and it seemed to trigger a bunch of false positives in the joomla admin panel. Tried to disable the offending rules within the the enabled .conf but there seem to be multiple conflicts and i'm not sure which rules are essential for security. Which rules from the modsecurity core rule set it is recommended i enable with joomla 3.4? 


please help


I did not find the right solution from the internet.



healthcare product marketing



You need to be a member of OWASP to add comments!


Email me when people reply –