-
Everything we have tested with haproxy and coraza spoa has been detected and marked/blocked accordingly including various mysql injection tests.
However, we have a website form that we know was sql…
-
Hello,
I am getting hard to run a quick apache/nginx webserver + waf for demonstration purposes,
I would prefer to use owasp/modsecurity image as a standalone server rather than a reverse proxy,
I…
-
Hello, I want use this image for a website, but I can't add modules like gzip or ngx_http_core_module. And when I set keepalive_requests, container don't start.
How can I enable a module in this imag…
-
I'm trying to run this image in my helm chart running in OCP4 whereby we have a quality gate that only allows pods with readOnlyRootFilesystem set to true. Is there perhaps hints on how to accomplish …
-
### Describe the bug
I'm a newbie in ModSecurity rules creation, so my configuration is probably incorrect. If so, please help me to configure it
correctly.
For a GET request "https://123.123.12…
-
### OpenPanel version(s) affected
0.1.5
### Description
Core rules update downloads only the rules files from https://github.com/coreruleset/coreruleset/tree/9875b44c0b9d91144d02df78af8e056d96ce0ff…
-
Hi everyone,
I am currently trying to implement Coraza into my Caddy setup, but for some reason the hostname of blocked requests does not get logged. As you can see in the log samples below, the ho…
-
### Gloo Edge Product
Enterprise
### Gloo Edge Version
v1.14.8
### Kubernetes Version
v1.24.0
### Describe the bug
When having waf configured with `SecRequestBodyAccess On` and sending larger p…
-
I got a message " Malware incident on one endpoint ,Dirtelti' backdoor was prevented"
Microsoft defender has detected a computer virus.
The name is Chopper ,high-severity malware. https://www.virus…
-
### Description
When a COOKIE ID containing the character sequence '--' is generated, mod_security thinks it's a SQL injection and returns a 404 error. This sequence should be avoided, or the '-' cha…