azurit
azurit
We should NEVER EVER recommend to setting it higher than 5.
@touchweb-vincent Hi and thanks for this PR. Unfortunately, it is invalid because keyword `asound` was 'generated' from `proc/asound` i.e. it is not supposed to match any configuration file. Are you...
I wonder if `asound` is really supposed to be in `restricted-upload.data`. This file is used by rule `932180` which is meant to defend against uploading of configuration files and similar...
This needs to be discussed - adding it to the agenda of next monthly chat.
Hm, we are really having major problems because of libinjection. This cannot be easily fixed as fixing it means doing reimplementation of libinjection possibility matching patterns like `1=1` (all of...
Not allowed in MariaDB/MySQL.
Can you point to a RFC? Thanks.
Can you explain more what kind of issues? What exactly are you trying to fix?
``` $ curl --http2 -H "x-format-output: txt-matched-rules" -H "x-crs-paranoia-level:4" "http://sandbox.coreruleset.org/" -d '{"id_order":"select(sleep(10));"}' -H 'Content-Type:' -H 'Content-Length:' 920180 PL1 POST without Content-Length or Transfer-Encoding headers ```
What exactly you want to be blocked? As i said, you need to describe it more, it is not clear.