Hi
I have a lot of hits on rule 990012 - because some of our users
(everything would be so much easier if they weren't there :)) have the
following as User-Agent: Mozilla/4.0 (Windows XP 5.1) Java/1.6.0_35 (The
Java version may vary).
I did a bit of googling and "Windows XP 5.1" is the correct version of
XP - some sites list this a as bot, some doesn't. If I do a search for
"Windows XP 5" the results for User-Agents are bot, bot and bot...
Does anyone know if the intensions are to catch only "Windows XP 5" or both?
I have added a case to the rule here that allows "Windows XP 5.1" as
User-Agent, but not "Windows XP 5" - guess the question is if the
updated rule should be submitted for the next ruleset?
/Anders
_______________________________________________
Owasp-modsecurity-core-rule-set mailing list
Owasp-modsecurity-core-rule-set@lists.owasp.org
https://lists.owasp.org/mailman/listinfo/owasp-modsecurity-core-rule-set
