-
Is it possible to add Modsecurity rules to Nginx?
-
Hi guys, so i try to build nginx with mod security with command look like this :
```
export TENGINE_VERSION=3.1.0
export YAJL_VERSION=2.1.0
export MODSEC_VERSION=v3.0.12
export MODSEC_NGX_VERSI…
-
The service appears to implicitly trust the user-supplied Host header. If this input is not properly validated, an attacker could inject harmful payloads through the Host header, manipulating server-s…
-
Both the documentation and the conversations and issues in the GitHub repository are unclear about `modsecurity`.
## Checklist
- Have you pulled and found the error with `jc21/nginx-proxy-manager:…
-
### OpenPanel version(s) affected
0.1.5
### Description
Core rules update downloads only the rules files from https://github.com/coreruleset/coreruleset/tree/9875b44c0b9d91144d02df78af8e056d96ce0ff…
-
### OpenPanel version(s) affected
0.2.1
### Description
high load on `opencli nginx-install_modsec`
### How to reproduce
OpenAdmin > Security > Modsecurity WAF
### Possible Solution
_No respons…
-
### Name and Version
bitnami/nginx-ingress-controller 10.3.0
### What architecture are you using?
amd64
### What steps will reproduce the bug?
Trying to deploy latest `nginx-ingress-con…
LeTuR updated
4 months ago
-
Hello,
I tried to install on Debian 12 the ModSecurity with Nginx 1.26.1
After the install, the module isn't working with a simple test with this command : curl http:///index.html?exec=/bin/bash…
-
**Describe the bug**
I don't see any real problem just noticed logs entries.
**Logs and dumps**
SecDebugLog & SecDebugLogLevel 3
```
[172440041140.141021]` [/vystrelovaci-rukavice-3-sipky/]…
-
**Describe the bug**
Libmodsecurity3 produces log (through a callback function eg. for Nginx) with unusable `[hostname]` field. `[hostname]` always contains the IP address of the **server**, which …