-
Hi @zimmerle,
I am trying to validate the tarball modsecurity-nginx-v1.0.2.tar.gz from https://github.com/SpiderLabs/ModSecurity-nginx/releases with the .asc signature provided.
The key apparent…
-
### Description
This is a resurfacing of Issue #1451 where a valid google oauth redirect gets blocked because it thinks you're trying to read from the ".profile" OS File.
A rule was implemented …
-
* How to trigger this bug?
in build source
* The name and version of the OS.
Ubuntu 20.04 LTS
* The version or branch of `ngx_waf`.
ngx_waf 10.1.0
* Output of `nginx -V`.
nginx 1.21.5
* Log
/…
-
Above rule cause that nginx wont start:
`SecRule REQUEST_HEADERS "@contains %" "id:426003,phase:2,t:none,deny,log,msg:'DEBUG Referer: attack'"
`
Also if change to:
`SecRule REQUEST_HEADERS "…
-
### Description
I implemented Google OAuth2 authentication on my website. After user authenticates successfully on Google login screen, Google redirects the browser to an URL on my site that looks …
-
We are experiencing issues with expiring DOS block flag of IP addresses after testing an attack.
With following configuration, used for testing purposes, IP address is correctly blocked, but it doe…
vojch updated
2 years ago
-
**NGINX Ingress controller version**:
nginx-ingress-1.28.1
**Kubernetes version** (use `kubectl version`):
v1.16.1
**Environment**:
Development
- **Cloud provider or hardware confi…
-
系统版本。centos。 7.9
WAF版本 Current
宝塔编译时出现这个
checking for modsecurity library ... not found
./configure: error: the ngx_http_waf_module module requires the modsecurity library.
Please run:
On Ubunt…
-
I am using this configuration:
- http section:
```
modsecurity on;
modsecurity_rules_file /etc/nginx/modsecurity/modsecurity.conf-recommended;
modsecurity_rules_file /etc/nginx/owasp-modsecurit…
-
[root@localhost tengine-2.3.2]# make V=s
make -f objs/Makefile
make[1]: Entering directory `/root/tengine-2.3.2/tengine-2.3.2'
cc -o objs/nginx \
objs/src/core/nginx.o \
objs/src/core/ngx_log.o…