ModSecurity is an open source, cross platform web application firewall (WAF) engine for Apache, IIS and Nginx. It has a robust event-based programming language which provides protection from a range of attacks against web applications and allows for HTTP traffic monitoring, logging and real-time analysis.
Describe the bug
A clear and concise description of what the bug is.
Logs and dumps
Output of:
Notice: Be carefully to not leak any confidential information.
To Reproduce
Steps to reproduce the behavior:
A curl command line that mimics the original request and reproduces the problem. Or a ModSecurity v3 test case.
[e.g: curl "modsec-full/ca/..\..\..\..\..\..\/\etc/\passwd" or issue-394.json]
Expected behavior
A clear and concise description of what you expected to happen.
Server (please complete the following information):
Rule Set (please complete the following information):
Additional context
Add any other context about the problem here.