ModSecurity

ModSecurity is an open source, cross platform web application firewall (WAF) engine for Apache, IIS and Nginx. It has a robust event-based programming language which provides protection from a range o...

Results 300 ModSecurity issues

**Describe the bug** This is a duplicated issue, the first one is more than 4 years old - see #2210. Seems like `@rbl` operator does not support IPv6. There was...

bug
2.x
3.x
duplicate
:1st_place_medal: good first issue

In utf8_unicode_inplace_ex(), we have the following code: ``` c = *utf; /* If first byte begins with binary 0 it is single byte encoding */ if ((c & 0x80) ==...

2.x

A small discussion happened on the Slack #project-modsecurity from OWASP where I pointed out that, with TW changing ownership to OWASP of modsecurity, the domain name might need to be...

2.x

**Describe the bug** libModSecurity3 does not log the request body in the audit log, although the triggered rules, response body and request/response headers are logged. **Logs and dumps** ``` ---38ayZkm8---A--...

bug
3.x

**Describe the bug** When there's a regular expression error due to `SecPcreMatchLimit` or `SecPcreMatchLimitRecursion` (i.e. `MSC_PCRE_LIMITS_EXCEEDED`), a rule using `!@rx` will say that the rule was triggered. However, failures with...

bug
3.x

I have installed Lua 5.4, Nginx 1.20.1, Modsecurity V3 and this is my config Modsecurity ``` ModSecurity - v3.0.12-33-g625f9a53 for Linux Mandatory dependencies + libInjection ....v3.9.2-46-gbfba51f + SecLang tests ....a3d4405...

3.x

**Describe the bug** I came across the issue when I was sending data as JSON string: Send a JSON string with a specific array length (>1000 items) leads to a...

2.x
3.x

**Description** A request will trigger many rules if it contains many special keywords. Each rule triggered per request is logged in `MODSEC_AUDIT_LOG` and `ERRORLOG`. As described in the "to reproduce"...

2.x

Hello. I have libapache2-mod-security2 2.9.7-1 installed on debian 12. In the configuration file /etc/modsecurity/modsecurity.conf Default `SecAuditLogStorageDir = /opt/modsecurity/var/audit` and all logs are written together, regardless of vhost. Is it possible...

2.x

This PR fixes SonarCloud issues in these files: * [src/anchored_set_variable.cc](https://sonarcloud.io/project/issues?resolved=false&types=BUG&id=owasp-modsecurity_ModSecurity&open=AY1CfJ_hrsSpWCKX0wV6) * [src/collection/backend/in_memory-per_process.cc](https://sonarcloud.io/project/issues?resolved=false&types=BUG&id=owasp-modsecurity_ModSecurity&open=AY1CfJ-3rsSpWCKX0wUJ) and one [more](https://sonarcloud.io/project/issues?resolved=false&types=BUG&id=owasp-modsecurity_ModSecurity&open=AY1CfJ-3rsSpWCKX0wUM) place Summary: [AnchoredSetVariable](https://github.com/owasp-modsecurity/ModSecurity/blob/v3/master/headers/modsecurity/anchored_set_variable.h#L71) and [InMemoryCollection](https://github.com/owasp-modsecurity/ModSecurity/blob/v3/master/src/collection/backend/in_memory-per_process.h#L72-L73) types are derived from [std::unordered_multimap](https://en.cppreference.com/w/cpp/container/unordered_multimap). Both types have a `resolveFirst(key)`...

3.x