azurit
### Prerequisites

* [X] Put an X between the brackets on this line if you have done all of the following:
* Read about bug reporting in general: https://rspamd.com/doc/faq.html#how-to-report-bugs-found-in-rspamd
*...
Removing these non-forward secrecy ciphers from Apache configuration:

```
ECDHE-ECDSA-AES128-GCM-SHA256
ECDHE-ECDSA-AES256-GCM-SHA384
```
File ZyklonShell.php wasn't downloaded correctly, just look into it.
File `JspWebshell_1.2.php` should be renamed to `JspWebshell_1.2.jsp` as it's a .jsp shell.
According to the SOAP 1.2 specification, the optional 'action' parameter is allowed for the 'Content-Type' header, see RFC3902: https://www.ietf.org/rfc/rfc3902.txt Also, the original regexp was invalid as it was allowing only one parameter...
I found TONS of ways to bypass rule `942380` and some of them were extremely easy (for example using `\s` instead of `\s+` in regex). We are now able...
Rule `944110` is matching the same variables in both main and chained rules. This is: 1. Not required. 2. Ineffective. 3. Possibly creating more FPs. The list of variables in the...
This is only a proof-of-concept, probably not the best one. Every one of our users, who is new to rule exclusions and is trying to write his/her own exclusion rules, is...
fix(security): remove double URL decode (921151 PL2, 932190 PL3, 942441 PL2, 942442 PL2, 942460 PL3)
As these rules are matching only against ARGS* variables, double URL decode can be removed immediately and without handling other related problems. Partial fix for R9V-240531.
Rules 921151, 932190, 942441, 942442 and 942460 are doing `UrlDecode` for `ARGS*` (this is done automatically by engine) but NOT `UrlDecodeUni` (which happens after removing `UrlDecode` transformation), which includes also...