During my stay at CfgMgmtCamp I
attended the presentation of Franziska Bühler (@bufrasch) titled Web
Application Firewall - Friend of your DevOps pipeline?. She talked
about Web Application Firewalls (WAF) and the Core Rule Set (CRS) for
owasp
Being into security and stuff like that myself, I decided I wanted to try to get the web application with ModSecurity up and running in my own test environment.
My test environment consists of a CentOS8 machine with NGINX and it turned out to be a little trickier than I thought.