Felipe Zipitría
Felipe Zipitría
## Summary Phases should be extendable. The initial setup could be the "classic modsecurity" with the 5 well-known phases, but we are restricting integrators to add their own phases. Additionally,...
As a security rules tester, I would like to have tests results coverage based on the tests and on the rules I am testing. **Requirements** - add an optional `--coverage`...
Signed-off-by: Felipe Zipitria - this trick makes both ssdeep and pcre2 be found in other architectures - we need `AC_CANONICAL_HOST` earlier in the `configure.ac` file to use its defined the...
Check what is needed to sign images using cosign. References - https://github.com/sigstore/cosign-installer
Signed-off-by: Felipe Zipitria Adds health check to the `/healtz` endpoint configured in all containers. Fixes #136. Note: I did try adding variables to the different times, but docker doesn't like...
Signed-off-by: Felipe Zipitria Add GHA for scans using Trivy.
Adding a docker HEALTHCHECK should simplify testing and also running in k8s and other orchestrators.
We found out that after upgrading to 1.9.6 there was a big hit in reading ~~ 270 files. After doing some version comparisions, the problem seems to be introduced in...
**Describe the bug** v2 states that ``` # NB: As of April 2022, there is no longer any advantage to turning this # setting On, as there is no active...
### Motivation While adding coverage for the problems found in the BB, we added _User-Agent_ and _Referer_ as targets for our RCE rules. This was a bit too aggressive, resulting...