Christian Folini
Christian Folini
Very good writeup, thanks (I edited it slightly for even better comprehension). Question: I see the different behaviors of the engines. What are the reasons the ModSec 2.9 behavior is...
Thanks for the explanation. I like the **performance advantage and enabling when needed** argument this coupled with consistency should be all it takes to convince people.
Why would you use the `+` in your example `[\r\n]+}`?
Thank you. (I do not want to sound nagging, but I want to be sure I really understand things.)
Thank you. I think we need @airween to discuss the approach to get ModSec v3 to adopt the ModSec v2 standard of `PCRE2_DOLLAR_ENDONLY`: It's is the old standard, it's more...
That would be an alternative to the idea to describe how to create your own plugin. And actually quite a good alternative. What do you think?
Ping @fzipi.
OK. Consider this done!
I'm all for migration to webpage. As documented above I had planned to write this for the WAF month media campaign by OWASP's outreach coordinator Jason. Then he left and...
Apparently linter is not checking this. I see 3 tags missing from detection rules. That's clearly a bug. I think the policy was to only tag the detection rules. The...