Federico G. Schwindt
Federico G. Schwindt
Maybe this is something for the docs?
Do you have an ETA for this? Thank you!
This is unrelated but which paranoia level are you using? As this attack is pretty old I wonder if we should move this rule.
I haven't tried but I recognise the rule and based on the matched data I see the issue. Unfortunately this is a problem with some rules in combination with languages...
Sorry to be late at the party. Is this a follow up from the original report or some other string matching? If so, can you share what it is matching?...
Meeting decision: I will follow up with @airween. Aim is to create a MVP first, and add features incrementally.
@diablodale You should probably ping https://github.com/client9/libinjection/pull/143 as well.
@diablodale thanks for the info and for ensuring this issue is not closed. If upstream is indeed dead, ModSecurity might want to use something else (or perhaps embed it). @zimmerle,...
Apologies for the delay on this. There are a number of issues IMO with this change: 1. We're doing the conversion twice (one in Aho-Corasick and the other in the...
@dune73 ping.