-
I have written a guide on how to install ModSecurity-apache from source for Ubuntu 20.04 [here](https://github.com/SpiderLabs/ModSecurity-apache/wiki/Installation-from-Source-Ubuntu-20.04).
When a…
ghost updated
4 years ago
-
I'd like to conduct a software engineering experiment regarding the benefit of [Pylint](https://pypi.org/project/pylint/) alerts removal.
The experiment is described [here](https://github.com/eviden…
-
**Is your feature request related to a problem? Please describe.**
There are two wildcard import in examples\issues\issue37.py
In general, wildcard imports should be avoided since the imported obj…
-
**SanitiseArg does not work in RequestBody**
This time without messed up markdown :)
Taken right from the docs: https://github.com/owasp-modsecurity/ModSecurity/wiki/Reference-Manual-(v2.x)#user-c…
-
### Description
Future CRS (nightly build) might contain a False Positive and will flag the word "powershell" as an attack in PL1
I think this should not be flagged by rule 932120
### How to re…
-
**Describe the bug**
In libmodsecurity3, SecAction can't be disabled via a ctl action like with SecRules. This issue isn't present in ModSecurity2.
**Logs and dumps**
N/A
**To Reproduce**
…
-
GovCert Switzerland has published a list of file extensions they think should be blocked: https://www.govcert.ch/downloads/blocked-filetypes.txt
-
**Description**
I followed the docker-compose.yml tutorial for setting up Nextcloud (https://github.com/bunkerity/bunkerweb/blob/master/examples/nextcloud/docker-compose.yml). I can access the web in…
-
Is there any reason why `[\d\w]` is used throughout the file, when `\w` is sufficient?
https://github.com/coreruleset/coreruleset/blob/0a2588e38bd75e26000c155cd788040f6411d4ab/regex-assembly/942130…
-
Is there a reason for not using `[|&*\/%=^+-]+` in the following regex?
https://github.com/coreruleset/coreruleset/blob/a6036b984405798f5accec6a1fc5caaa90de46ac/regex-assembly/942520.ra#L15