-
I have written a guide on how to install ModSecurity-apache from source for Ubuntu 20.04 [here](https://github.com/SpiderLabs/ModSecurity-apache/wiki/Installation-from-Source-Ubuntu-20.04).
When a…
ghost updated
3 years ago
-
Dear all, is anyone else getting this when downloading [https://github.com/coreruleset/coreruleset/archive/refs/tags/v4.5.0.zip]
Could any of you let me know if this is real or a false positive, and …
-
### Description
Future CRS (nightly build) might contain a False Positive and will flag the word "powershell" as an attack in PL1
I think this should not be flagged by rule 932120
### How to re…
-
Hi,
i just installed ModSecurity (2.9.7) and OWASP_CRS (3.3.4) for my Nextcloud installation.
As expected, nothing worked anymore, which is why I tried to install this plugin by following the ment…
-
Hi there,
thanks for the great work on CRS.
It would be nice if the maintenance plans for CRS 3 would be documented. Like eg. no more releases planned, or only 3.3.x releases for another 12 months o…
-
**Description**
I followed the docker-compose.yml tutorial for setting up Nextcloud (https://github.com/bunkerity/bunkerweb/blob/master/examples/nextcloud/docker-compose.yml). I can access the web in…
-
We may want to add an action for docker security scanning:
https://github.com/phonito/phonito-scanner-action
fzipi updated
2 years ago
-
Hi CRS Teams 👋
This idea bumps into my mind when I am trying to learn what is new in CRS 4.0. For CRS 4.0, one of the key features is the plugin.
Also, many new repositories are coming up to the …
-
Hi Guys,
run this script, met issue(as title), can help? thanks
my modsecurity(3.0.9) logs format:
```
{"transaction":{"client_ip":"10.200.101.16","time_stamp":"Thu May 11 02:13:58 2023","se…
-
In order to identify reflected and stored Cross Site Scripting (XSS) attacks inside HTTP requests and SQL queries we need to implement a UDF that returns whether or not the input string contains a XSS…