-
MODSEC-70: Please provide a configuration option to allow suppression of the below error message:
ERROR (3) Output filter: Error while forwarding response data (104): Connection reset by peer
This i…
-
MODSEC-259: When configuring mod-security with the following options everything seems to be fine:
------------------------------------------------------------------------------------------------------…
-
MODSEC-302: This is my config for logging output
SecAuditLogType Serial
SecAuditEngine RelevantOnly
SecAuditLogRelevantStatus ^[45]
SecAuditLog logs/modsec_audit_log
However when looking in …
-
MODSEC-87: A particular URL causes Apache to Segfault with the error shown in the summary.
It ocurrs during the response body processing phase so as a workaround we have added the following to Apach…
-
MODSEC-347: install PCRE ...
svn co svn://vcs.exim.org/pcre/code/trunk pcre
cd pcre
echo -e $CFLAGS "\n" $CXXFLAGS
-O2 -march=amdfam10 -mtune=amdfam10 -fPIC -DPIC -D_GNU_SOURCE -fno-strict-alias…
-
CORERULES-7: Your latest core rule set : modsecurity-core-rules_2.5-1.6.1.tar.gz blocks OpenID
The offending rule is in modsecurity_crs_42_tight_security.conf
The exact rule is
SecRule ARGS "^(?:ht…
-
MODSEC-31: Inspection of internal redirects and error docs was removed from 2.5 due to this causing some strange errors in some circumstances. This should be fixed and the feature re-enabled. See MO…
-
On a file inclusion vulnerability the resource is loaded and executed in the context of the current application. A directory traversal vulnerability on the other hand, only gives you the ability to re…
-
i am using the latest set of owasp crs.
an sql injection test on a website in our server has the following result.
Test1 :
a' union sElEcT 1,2,table_nAme fRom informAtion_schemA.tAbles WhErE tablE_…