Juan Paulo Breinlinger · baf2edd8 · 46c96de4 · 668f39cb · 639b0b41 · 70948de9
--- a/el9/templates/crs-setup-configmap.yaml 0 → 100644

+ 24

− 0
+++ b/el9/templates/crs-setup-configmap.yaml 0 → 100644

+ 24

− 0
+kind: ConfigMap
+apiVersion: v1
+metadata:
+  name: crs-setup-config-{{ .Release.Name }}
+data:
+  crs-setup.conf: |
+    # This configuration will lower the default
+    # anomaly detection scores for critical, error, warning and notice.
+    # So that mod_security doesn't generate so many false possitives
+    # in our infrastructure. Check for reference:
+    # https://coreruleset.org/docs/2-how-crs-works/2-1-anomaly_scoring/#severity-levels
+    SecAction \
+        "id:900990,\
+        phase:1,\
+        pass,\
+        t:none,\
+        nolog,\
+        tag:'OWASP_CRS',\
+        ver:'OWASP_CRS/4.7.0',\
+        setvar:tx.crs_setup_version=470,\
+        setvar:tx.critical_anomaly_score=2,\
+        setvar:tx.error_anomaly_score=1,\
+        setvar:tx.warning_anomaly_score=0,\
+        setvar:tx.notice_anomaly_score=0"