Max Leske

That will largely depend on engine support. There's really nothing we can do with rules alone to.

Thanks @tspearconquest. Unfortunately, the project has been canned, so I'm not using `azure-keyvault-env` at the moment.

I had the same experience. With httpd the log message appeared in the error log, as expected, with nginx, it was nowhere to be found.

Technically, this is not an issue of the images but of ModSecurity, unless Lua logging works with a standard installation. Do you know, @leveryd?

#191 solves the root user issue.

@fzipi No, I don't think so. @ne20002 is talking about read-only filesystems, while the change is simply to use a non-root user (which has some similar implications, of course).

What kind of chart are you thinking about? A Helm chart? Or are you talking about the examples for the ingress controller you gave above?

Thanks @ne20002. I've opened a PR: https://github.com/coreruleset/modsecurity-crs-docker/pull/210

@Danrancan My advice is to roll back to your previous installation of CRS. v4 is a major update and you'll need to tune the installation. It's probably easiest to install...

You appear to be running WordPress but didn't mention the plugin. Rule exclusions are no longer part of v4 core, but have become plugins. The Wordpress plugin can be found...