theMiddle

Results 42 comments of theMiddle

I'm running this on my production... let's see what happens:

```perl
SecRule REQUEST_URI "!@beginsWith /" "id:920490,\
  phase:1,\
  block,\
  t:none,\
  msg:'Open Proxy Scanning Detected',\
  ver:'OWASP_CRS/3.1.0',\
  severity:'CRITICAL',\
  tag:'application-multi',\
  tag:'language-multi',\
  tag:'platform-multi',\
  tag:'attack-protocol',\
  logdata:'Matched...
```

not yet, unfortunately it seems that this rule never triggers since my Nginx converts something like `HEAD http://localhost:80 HTTP/1.1` into `HEAD / HTTP/1.1`. Request:

```
# cat test_req.txt
HEAD http://wordpress/test.php...
```

I initially considered using regex, but I came to realize that v3 doesn't currently support it with `ctl:ruleRemoveBy*`. Frankly, this restriction is posing quite a challenge for us when it...

I wonder if it's worth creating a rule that matches all hidden files like `^/\.[^.]+` and removing specific hidden files from that list

also, all `.conf` and `.log` are redundant because of `920440`. IMO we can remove all those entries

That's true, this list is also checked on ARGS, so yes!

yes, it's part of the work I'm doing by running all our regression tests against the sandbox. It's a huge amount of work because I'm categorizing every exception. Spoiler: basically, for now,...

Rule exclusion on an API that usually has a JSON body is a pain on v3 without this feature. A nested JSON body is hard to exclude. Something like:

```json
{ "foo":...
```

Thank you, @christiantreutler-avi I'm currently reviewing the issue. @airween has already provided the payload, and I'm committed to finding a solution.

A fragment can go inside the Referer header, and it's really common actually. I think we should totally remove UA and Referer from any rule (regardless of the PL) and develop...