-
[-:error] ModSecurity: Warning. detected SQLi using libinjection with fingerprint 'f(n)' [file "/../.. /coreruleset-3.4-dev/rules/REQUEST-942-APPLICATION-ATTACK-SQLI.conf"] [line "65"] [id "942100"] […
-
See https://github.com/coreruleset/modsecurity-crs-docker/issues/215 for bug report and discussion.
-
Hello!
I would like to know what would be the best way I can do something similar to this (taken from ChatGPT). I would need to detect when there are many WP Rocket requests (User Agent -> “WP Roc…
-
### Version
None
### Is your feature request related to a problem? Please describe.
Gloo currently runs an older version of modsecurity and the corresponding Core Rule Set.
### Describe the solut…
-
**Describe the bug**
Enabling OWASP CoreRuleSet in ModSecurity (WAF) will cause the latest KeeWeb versions' code to split into unusable code for some reason (more in Logs).
**To Reproduce**
I have c…
-
If _completely replacing_ a CRS phase 1 rule (not just updating a rule target etc. but _completely replacing_ a rule, i.e. the operator is being modified) then this cannot occur in the `REQUEST-900-EX…
-
If a chained rule has at least one rule that includes the multiMatch action **and** the rule with the multiMatch action is not the final rule in the chain, then writes to the audit log may occur even …
-
## Description
In Deny mode the WAF seems to correctly handle the `allow` action, and after triggering an `allow` rule other rules in the same and subsequent phases are ignored and not triggered. I…
-
The CRS release cycle has been changed to frequent (monthly) releases and sporadic LTS ones.
This Issue is meant to track what we are going to do with the CRS provided directly embedded into the wasm m…
-
### Motivation
We need more input from new contributors. Currently, we are relying more and more on a lot of internal and external tools to write our rules. Not everybody may know them, while they …