ModSecurity

ModSecurity is an open source, cross platform web application firewall (WAF) engine for Apache, IIS and Nginx. It has a robust event-based programming language which provides protection from a range o...

Results 300 ModSecurity issues

In modsec_var_log_handler(), there's a check for msr being NULL: if (msr == NULL) return NULL; return construct_single_var(msr, name); construct_single_var() uses msr->msc_rule_mptmp, so this should also be checked: if (msr->msc_rule_mptmp ==...

2.x

**Describe the bug** **We publish more frequently every day, and often reload nginx, every few days nginx has a memory leak. How to fix it?** **Logs and dumps** Output of: ``` 2021/01/21...

There was a fix for Apache 2.4 logging in https://github.com/SpiderLabs/ModSecurity/commit/f813365f, which was partly reverted by https://github.com/SpiderLabs/ModSecurity/commit/da995bb6. Unfortunately, this reversion also removed the APLOG_USE_MODULE macro, which most likely wasn't causing...

Allow macro expansion in ctl:ruleRemoveTargetByTag. This allows, for instance, to detect headers not containing a specific character, then removing these headers from some rules.

enhancement
2.x

Hello, First, thank you for all you did and do. ModSecurity is a great project. Like https://github.com/SpiderLabs/ModSecurity/issues/360 and https://github.com/SpiderLabs/ModSecurity/issues/587, we need to sanitize XML content. After hours of searches and...

2.x
new feature

`seclang-scanner.ll: In function ‘yy::seclang_parser::symbol_type yylex(modsecurity::Parser::Driver&)’: seclang-scanner.ll:1272:15: error: ‘strdup’ was not declared in this scope; did you mean ‘strcmp’? seclang-scanner.cc: In function ‘void yy_init_buffer(YY_BUFFER_STATE, FILE*)’: seclang-scanner.cc:9240:48: error: ‘fileno’ was not declared...

**Describe the bug** Current implementation of json audit logs generates log entries with duplicated keys in the event of repeated headers in either the request or response. This is _technically_...

3.x

**Describe the bug** When compiling with a provided, locally compiled LUA (5.4.4), the --with-lua=/data/lua-5.4.4 seems to be ignored and results in "not found" -> it does not seem to look...

3.x

We are using mod_rpaf to populate useragent_ip (the C source variable in the request record) among other things that mod_remoteip completely ignores (HTTPS, Port,...). We have been using this setup...

2.x

![image](https://user-images.githubusercontent.com/16222353/178165116-a72718c8-0005-45fa-88e6-cb8497bc9e16.png) How can I fix it?