martinhsv

@marcstern ? DId you actually notice any functionality problem here?

Hello @jakubsuchy , My skim of the documents suggests that the U.S. government is still not issuing numbers in the 900s. Should we perhaps consider including that in the if...

Hello @cerebox , What is the Content-Type for these requests? Is it 'multipart/form-data'? Or something else? Are you using SecRequestBodyLimit? If so, what is its size compared to the size...

Hello @cerebox , SecRequestBodyAccess Off has never truly shut off access to the request body in ModSecurity v3. The current behaviour of this setting is non-intuitive and problematic (see #2465...

Yes of course. I never claimed that the problem originated with that 2023 development effort, only that that was when I **noticed** it. The underlying issue has been present in...

Hello @ShaiMagal , To clarify: the 408 is being generated by that other mod, right (i.e. mod_reqtimeout)? In that case, when you write the expectation 'Detect 408 http code correctly...

@ShaiMagal , To be clear, each transaction that triggers a 408 (presumably produced by the action of mod_reqtimeout, since that is what it is intended to do) is being 'blocked'...

When a standard slowloris attack (very slow, incremental sending of request headers) is halted by mod_reqtimeout, I don't see a good way to have ModSecurity automatically report on this. The...

It's not clear to me that that Nov. 2016 issue indicates that the interoperability worked as you expect at that time. That is not explicitly stated. In any case, I...

@ShaiMagal , I did provide two possible suggestions here: https://github.com/SpiderLabs/ModSecurity/issues/3007#issuecomment-1810722958 . Beyond that, any further time to be spent on this item will be prioritized against other open issues.