-
This is the Agenda for the Monthly CRS Chats.
The general chat is going to happen on https://owasp.slack.com in the channel #coreruleset on Monday, November 2nd, at 20:30 CET. That's the 1st Monday…
-
### Description
There is a simple request header injection that's being run in the wild that doesn't trigger any detection rules:
https://domain/if(now()=sysdate(),sleep(12),0)
curl -sSL "https://d…
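The payload in the issue above is a MySQL time-based blind injection probe (`sysdate()` compared with `now()`, then `sleep()`). The following is an added example, not code from the issue author and not a CRS rule: a small, hypothetical detector that URL-decodes the request target and flags MySQL delay primitives in a function-call position. The request lines it runs over are constructed for the example.

```python
import re
from urllib.parse import unquote

# Constructed sample request lines (not taken from the issue or from CRS tests).
SAMPLE_REQUESTS = [
    "GET /if(now()=sysdate(),sleep(12),0) HTTP/1.1",
    "GET /products?id=1%20AND%20if(now()%3Dsysdate()%2Csleep(5)%2C0) HTTP/1.1",
    "GET /index.php?page=home HTTP/1.1",
    "GET /blog/sleep-hygiene-tips HTTP/1.1",   # benign: "sleep" not followed by "("
]

# Hypothetical pattern (assumption, not the 942xxx regexes): MySQL delay
# primitives sleep()/benchmark() with a numeric first argument, or sysdate().
TIME_DELAY_RE = re.compile(
    r"(?i)\b(?:sleep|benchmark)\s*\(\s*\d+|\bsysdate\s*\(\s*\)"
)


def request_target(line):
    """Return the request target (path + query) from an HTTP request line."""
    parts = line.split(" ", 2)
    return parts[1] if len(parts) >= 2 else ""


def normalize(target):
    """Decode twice to defeat double-encoding, then lowercase."""
    return unquote(unquote(target)).lower()


def is_time_based_probe(line):
    """True if the decoded request target contains a MySQL delay primitive."""
    return bool(TIME_DELAY_RE.search(normalize(request_target(line))))


def flagged(lines=SAMPLE_REQUESTS):
    """Return the subset of request lines that look like time-based probes."""
    return [line for line in lines if is_time_based_probe(line)]


if __name__ == "__main__":
    for line in flagged():
        print("probe:", line)
```

The decode-then-match order matters: the second sample only matches after `%28`/`%3D` are decoded, which is the same reason a WAF rule applies transformations before its regex.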
-
### Description
Rule 941130 matches `.xhtml` such as a parameter of the following value: `https://url/blablabla.xhtml`.
It also matches `2xhtml` in `html2xhtml`.
The regex is built from the follo…
-
This is the Agenda for the Monthly CRS Chats.
The general chat is going to happen on https://owasp.slack.com in the channel #coreruleset on Monday, January 4th, at 20:30 CET. That's the 1st Monday …
-
Hi,
First of all apologies if I sound like a noob, in fact I am! While I have been in IT infrastructure for many years, I am quite new to coding and web administration - trying to learn something n…
-
### Description
I have two virtual server config files which perform reverse proxy tasks. One already had modsecurity enabled and was working fine. The other I have just finished configuring so hav…
-
### Description
When Modsecurity is enabled in my virtual hosts file, authentication into the application fails. It is supposed to authenticate with AD, then complete an OTP challenge. Even with th…
-
### Description
I'm running `phpBB 3.2.7` on a shared hosting environment. The `admin panel` suddenly stopped working yesterday. Presumably, my hosting providers updated the rules.
### Audit Log…
-
### Audit Logs / Triggered Rule Numbers
FP can be easily triggered, for example, with this text in any POST field (real-world example from a music forum):
```
DJ Wich - soundtrack Gympl
anything …
-
This is the Agenda for the Monthly CRS Chats.
The general chat is going to happen on https://owasp.slack.com in the channel #coreruleset on Monday, December 7th, at 20:30 CET. That's the 1st Monday…