Ervin Hegedus

Closing as opened a new version in #360.

I'm fine with this, but we can consider to add a `build.sh` script which runs all necessary `auto*` commands, something like this: ```bash rm -rf autom4te.cache rm -f aclocal.m4 case...

Hi @binaryflow, thanks for reporting this. > We are running modsecurity version 3.3.2-1. I think 3.3.2-1 is the CRS version, not the ModSecurity version. Could you write us the exact...

Hi @miluxhd, thanks for this PR. I think this is a good idea to collect the available binary packages (including docker images). Let me find another ones and append them...

> I don't know whether it's a good idea, but we could later add the build pipelines to this repo. What do you mean exactly?

Thanks, now I see. Feel free to work on these packages, I'll add your repository link to README. By the way, Coreruleset has a docker image, which is actively maintained...

Hi @mirkodziadzka-avi, thanks for this detailed report. Just a side note before the relevant part: > And all the examples and also the CoreRuleset always have this form: The second...

> I have to look up that issue. I can't find the exact issue, but as I remember CRS does [this](https://github.com/coreruleset/coreruleset/blob/main/rules/REQUEST-932-APPLICATION-ATTACK-RCE.conf#L1029) trick because `%{MATCHED_VAR_NAME}` is not expanding in log message...

Hi @mirkodziadzka-avi, > So the current semantic seems to be: "MATCHED_VARS is cleared on every non-matching SecRule" Agree. I can make a fix next week.

Hi @mirkodziadzka-avi, I think I've found the logical error in the operation. I used your test rule set (with three rules above) and sent two requests. Here is the first:...