Hi all,

I've been doing some tests and I've noticed that the rules in the file
"modsecurity_crs_41_sql_injection_attacks" are not using REQUEST_URI.

I've noticed that with this configuration, when the hosts are using
"friendly urls", the injections in the URL are not detected (at least
from the tests I've done).

I assume that this is probably because of false positives, but I think
it's relevant to analyse the URLs, even when they are "friendly urls".

Does someone have some good tips to work around this?
For the moment I've altered the rule and I'm using, in the same file
(modsecurity_crs_41_sql_injection_attacks), "SecRule....REQUEST_URI".

I would like some opinions on this. What would be the best approach?

Keep up the great job,
Thanks
_______________________________________________
Owasp-modsecurity-core-rule-set mailing list
Owasp-modsecurity-core-rule-set@lists.owasp.org
https://lists.owasp.org/mailman/listinfo/owasp-modsecurity-core-rule-set
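
The trade-off raised in the message above, as an added Python model that is not part of the original post or of the CRS: it shows which request data the ARGS, REQUEST_FILENAME and REQUEST_URI targets expose to a rule, and why widening the targets also widens false positives. The regex and the sample URLs are constructed stand-ins, not CRS signatures.

```python
import re
from urllib.parse import parse_qsl, unquote, urlsplit

# Simplified stand-in for a SQLi signature (assumption; not a regex from the CRS).
SQLI = re.compile(r"(?i)\bunion\b.+\bselect\b|'\s*or\s*'?\d+'?\s*=\s*'?\d+")

# Constructed sample request URIs.
SAMPLES = {
    "classic": "/product.php?id=1%27%20OR%20%271%27%3D%271",
    "friendly": "/product/1%27%20OR%20%271%27%3D%271/details",
    "benign": "/product/42/details",
    "false_positive": "/blog/union-select-committee-report",
}


def collections(uri):
    """Model which part of the request each rule variable exposes."""
    parts = urlsplit(uri)
    return {
        # ARGS: parameter values only (query string here; no body in this model).
        "ARGS": [v for _, v in parse_qsl(parts.query, keep_blank_values=True)],
        # REQUEST_FILENAME: the path without the query string.
        "REQUEST_FILENAME": [unquote(parts.path)],
        # REQUEST_URI: path plus query string.
        "REQUEST_URI": [unquote(uri)],
    }


def matched_targets(uri, targets=("ARGS", "REQUEST_FILENAME", "REQUEST_URI")):
    """Return the targets on which the signature fires for this URI.

    unquote() above stands in for a URL-decoding transformation.
    """
    cols = collections(uri)
    return [t for t in targets if any(SQLI.search(v) for v in cols[t])]


def report():
    """Map each sample name to the list of targets that matched."""
    return {name: matched_targets(uri) for name, uri in SAMPLES.items()}


if __name__ == "__main__":
    for name, hits in report().items():
        print(f"{name:15} {SAMPLES[name]:45} -> {hits or 'no match'}")
```

With a friendly URL the ARGS collection is empty, so only a rule that also inspects the path or the full URI sees the payload; the last sample shows an ordinary slug tripping the same signature once the path is in scope.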
