Christian Folini
Christian Folini
This is really quite odd. Can you pull out the ModSecurity configuration out of the container to share? This might help with reproducing.
Still think this is very odd. But the config files you are sharing do shed some light. I have zero experience with the nginx docker container. Above I see a...
Thank you for your contribution @devzero2000. It's been a while. Good to see you are still working on ModSec.
This sanitization stuff is so brittle. I do not know why it does not work for @Seppl2202, but I would not rule out the status 404 being the reason. Try...
I do not really like the monitoring of a preset variable from a conceptual viewpoint. If you want to block when a certain rule is triggered, then issue a `deny`...
@airween asked me to chime in. Sorry to be so silent otherwise. I see how the definition of multiple targets on a single runtime rule exclusion within single quotes would...
Honestly, I think the speed problem is around the whole concept of runtime rule exclusions and how it is implemented. You have a target list and then you remove individual...
I agree with @marcstern completely. And you probably need to give your parser some rest @airween. It's clearly having a bad day.
Argh. Very bad. Can you share your SecAuditLogParts setting?