Skip to main content

CRS Rules Management

Current Service Status

The CRS Rules feature is fully operational with comprehensive protection against OWASP Top 10 threats. All rule groups are actively maintained and updated to address emerging security threats.

Quick Start

  1. Access CRS rules: Navigate to Origin Shield > CRS Rules and select your domain
  2. Choose protection level: Enable rule groups (XSS, SQL Injection, Generic Injection) based on your security requirements
  3. Configure actions: Set rules to Block, Pass, or Simulate mode depending on your testing and production needs
  4. Apply changes: Use batch operations to enable multiple rules at once, then monitor your traffic for any false positives

CRS Rules

The CRS Rules (Core Rule Set) feature allows activation of core security rules designed to protect systems from common attacks according to OWASP Top 10 standards. The system supports three main rule groups:

  • XSS Rules: Protection against Cross-site Scripting attacks.
  • SQL Injection Rules: Protection against SQL query injection.
  • Generic Injection Rules: Detection of other injection patterns not covered by the above two groups.

Users can enable/disable individual rules or apply batch operations according to operational needs.

CRS Management Interface

Each rule group has a list interface including the following columns:

  • Rule ID: Unique identifier for each rule.

  • Threats: Description of attack types that the rule detects.

  • Action: Action applied when the rule is triggered.

    • Simulate: Log but do not block requests.
    • Block: Block requests.
    • Pass: Allow requests to pass.

  • Enable: Toggle switch for enabling/disabling individual rules.

Users can search or filter by Action and Enable to quickly manage the rule list.

How to Enable/Disable and Edit Multiple Rules

To apply batch actions to multiple rules:

  1. Check the rules in the list.
  2. Select the corresponding action in the Action menu (Block / Pass / Simulate).
  3. Click the Apply button to apply in batch.
  4. Toggle the Enable switch to activate/deactivate rules.

The system allows enabling all rules at once for each group or selective application based on appropriate levels.

Getting Support

For assistance with CRS rules configuration:

  • Security Consultation: Contact our security team for guidance on optimal rule configurations for your specific application
  • OWASP Resources: Refer to the official OWASP Core Rule Set documentation for detailed rule explanations and best practices
  • False Positive Management: Use simulate mode to test rules before enabling them, and contact support for help with legitimate traffic that may be blocked
  • Regular Updates: CRS rules are automatically updated to address new threats - monitor our security bulletins for important changes