Ervin Hegedus
Ervin Hegedus
I've played with the code, looked few other modules... I didn't other module, which uses apxs to build. Anyway, I prepared this module for Debian, see this: https://github.com/airween/ModSecurity-apache/tree/debian All I...
Meanhile I realized, that with the -c doesn't gives the expected result, for some reason the .so is incompatible with the apache2 httpd... apxs2 doesn't support the DESTDIR argument, or...
> Are the package generation process held into a fakeroot? yes (on Debian). But may be I've found a solution (on Debian), hope that can present soon.
We found an API [call](https://docs.bigbluebutton.org/dev/api.html#recording) - are we able to remove the mentioned metadata fields with this endpoint?
> I'm not sure why the tests are failing… maybe because it's the new Docker images? The CI system says: ``` 5:18PM FTL ftw/run: can't connect to destination &{DestAddr:127.0.0.1 Port:80...
Some additional info: * I can't reproduce the issue on Apache2 + mod_security2 * but I can do that on Nginx + libmodsecurity3 * I tried with this curl command:...
Hi @seanScoompy, Thanks for reporting. It would be nice to see yor logs after added te modification above, eg. which other rule triggered.
Hi @seanScoompy, based on your report I assume you use OWASP CRS 3.2. This version contains the mentioned [tag](https://crsdoc.digitalwave.hu/?v=v3.2.1&f=1&_tg=89) by rules 942NNN. I also added your rule 101010 above, and...
> The SecRuleUpdateTargetByTag needs to be before CRS rules or only before custom rules? Sorry, that was my mistake. Based on the [documentation](https://github.com/SpiderLabs/ModSecurity/wiki/Reference-Manual-(v2.x)#SecRuleUpdateTargetByTag) and [CRS example](https://github.com/coreruleset/coreruleset/blob/v3.2/master/rules/RESPONSE-999-EXCLUSION-RULES-AFTER-CRS.conf.example#L36), you should put it...
@seanScoompy, thanks. Do you access to server logs? Without that, I'm not sure we can help.