What is the Security Paranoia Level on the OWASP ModSecurity Core Rule Set 3?
The OWASP ModSecurity Core Rule Set 3 is a rule set available to all customers, which protects against most generic web application attacks, including SQL injections, cross-site scripting, file inclusion and HTTP violations. It comes with a configurable Security Paranoia Level setting, which allows users to disable certain rules in order to reduce the number of false positives that they may encounter. For more information about false positives, please see this article.
The WebOrion™ Protector WAF comes with the following Security Paranoia Levels:
Level 1 (Default):
Adequate security to protect almost all web applications from generic exploits. We recommend that most users use this level by default, to ensure minimum disruption from false positives.
Level 2:
A slightly higher level of security to block almost all web application exploits. This may result in some false positives.
Level 3:
A more paranoid approach to web security. You may experience a higher number of false positives.
Level 4 (most paranoid):
The most paranoid, preventive approach to security. This mode may block quite a number of legitimate requests to your site.
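To judge how many requests each level would flag before changing the setting, the rule matches in a log can be grouped by paranoia level. The Python sketch below is an added example, not code from WebOrion or the Core Rule Set project. It assumes ModSecurity-style log lines with bracketed fields and rules that carry a `paranoia-level/N` tag; the log lines, rule ids and request ids are constructed.

```python
import re
from collections import defaultdict

# Constructed sample lines in the ModSecurity error-log style; rule ids,
# URIs and unique_ids are made up for illustration.
SAMPLE_LOG = """\
ModSecurity: Warning. [id "9990001"] [msg "constructed PL1 rule"] [tag "paranoia-level/1"] [uri "/search"] [unique_id "req-a"]
ModSecurity: Warning. [id "9990002"] [msg "constructed PL2 rule"] [tag "paranoia-level/2"] [uri "/search"] [unique_id "req-a"]
ModSecurity: Warning. [id "9990002"] [msg "constructed PL2 rule"] [tag "paranoia-level/2"] [uri "/comment"] [unique_id "req-b"]
ModSecurity: Warning. [id "9990003"] [msg "constructed PL3 rule"] [tag "paranoia-level/3"] [uri "/upload"] [unique_id "req-c"]
ModSecurity: Warning. [id "9990004"] [msg "constructed PL4 rule"] [tag "paranoia-level/4"] [uri "/upload"] [unique_id "req-c"]
ModSecurity: Warning. [id "9990004"] [msg "constructed PL4 rule"] [tag "paranoia-level/4"] [uri "/login"] [unique_id "req-d"]
not a rule match line
"""

FIELD = re.compile(r'\[(\w+) "([^"]*)"\]')
PL_TAG = re.compile(r'^paranoia-level/([1-4])$')


def parse_matches(log_text):
    """Yield (unique_id, rule_id, paranoia_level) for each tagged rule match."""
    for line in log_text.splitlines():
        fields = FIELD.findall(line)
        rule_id = next((v for k, v in fields if k == "id"), None)
        req = next((v for k, v in fields if k == "unique_id"), None)
        level = next((int(m.group(1)) for k, v in fields
                      if k == "tag" and (m := PL_TAG.match(v))), None)
        if rule_id and req and level:
            yield req, rule_id, level


def requests_flagged_per_level(log_text):
    """For each setting 1-4, the requests matched by a rule active at that setting."""
    flagged = defaultdict(set)
    for req, _rule, level in parse_matches(log_text):
        # A rule tagged level N is active at N and at every higher setting.
        for setting in range(level, 5):
            flagged[setting].add(req)
    return {s: sorted(flagged[s]) for s in range(1, 5)}


if __name__ == "__main__":
    for setting, reqs in requests_flagged_per_level(SAMPLE_LOG).items():
        print(f"paranoia level {setting}: {len(reqs)} request(s) matched -> {reqs}")
```

The input log has to be collected with the highest level active, otherwise the higher-level rules never run and cannot appear in it. Requests that show up only at levels 3 or 4 and are known to be legitimate are the false positives to review before raising the setting.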