owasp-modsecurity / ModSecurity-apache

ModSecurity v3 Apache Connector
Apache License 2.0

Attack signatures in GET requests not detected #50

Closed: cyberblackhole closed this issue 5 years ago

cyberblackhole commented 5 years ago

This is in reference to the issue which I created recently here.

The GET requests containing attack signatures are not detected. However, the same signatures sent over POST are detected.

I'm using the latest ModSecurity version with OWASP CRS 3.0 and my environment is set up correctly. I have been facing this issue since I pulled this commit.

cyberblackhole commented 5 years ago

Any update?

zimmerle commented 5 years ago

Hi @Goron,

Sorry for the delay. The commit 96fbca43a49c977d12f2a86e2a5ba722b04f0597 was reverted, you should be set now.

cyberblackhole commented 5 years ago

Hi @zimmerle

That commit was supposed to be a fix for POST body handling #22. However, I reverted the commit and the GET attack signatures were detected.

That means I could expect a proper fix in the near future for POST attack signatures, right?

zimmerle commented 5 years ago

Yes, however it may take a while. Keep in mind that the Apache connector is still in beta. For Apache in production, we still recommend the 2.x family.

cyberblackhole commented 5 years ago

OK, thanks.