[Owasp-modsecurity-core-rule-set] I have commented modsecurity_crs_23_request_limits.conf

Tue, 17 Dec 2013 22:38:21 -0800 

Hi,
I have commented modsecurity_crs_23_request_limits.conf. I want to know whether i'm still gonna be OWASP compliant. 

Thanks in advance.
Tendani


On 16/12/2013 14:00, 
owasp-modsecurity-core-rule-set-requ...@lists.owasp.org wrote:

Send Owasp-modsecurity-core-rule-set mailing list submissions to
        owasp-modsecurity-core-rule-set@lists.owasp.org

To subscribe or unsubscribe via the World Wide Web, visit
        https://lists.owasp.org/mailman/listinfo/owasp-modsecurity-core-rule-set

or, via email, send a message with subject or body 'help' to
        owasp-modsecurity-core-rule-set-requ...@lists.owasp.org

You can reach the person managing the list at
        owasp-modsecurity-core-rule-set-ow...@lists.owasp.org

When replying, please edit your Subject line so it is more specific
than "Re: Contents of Owasp-modsecurity-core-rule-set digest..."


Today's Topics:

    1. Update to
       
http://blog.spiderlabs.com/2011/08/modsecurity-advanced-topic-of-the-week-exception-handling.html
       (Christian Folini)


----------------------------------------------------------------------

Message: 1
Date: Mon, 16 Dec 2013 06:38:29 +0100
From: Christian Folini <christian.fol...@time-machine.ch>
To: owasp-modsecurity-core-rule-set@lists.owasp.org
Subject: [Owasp-modsecurity-core-rule-set] Update to
        
http://blog.spiderlabs.com/2011/08/modsecurity-advanced-topic-of-the-week-exception-handling.html
        
Message-ID: <20131216053829.GA26660@elias>
Content-Type: text/plain; charset=utf-8

Hi there,

The blog post
http://blog.spiderlabs.com/2011/08/modsecurity-advanced-topic-of-the-week-exception-handling.html
has been updated for changes in the rule engine. So I think it is still
the reference on the handling of false positives.

In the section on Anomaly Scoring Exceptions, the inbound anomaly score
is being referenced as tx.anomaly_score, while the core rules reference
it as tx.inbound_anomaly_score.

I think this should be fixed.

Cheers,

Christian



_______________________________________________
Owasp-modsecurity-core-rule-set mailing list
Owasp-modsecurity-core-rule-set@lists.owasp.org
https://lists.owasp.org/mailman/listinfo/owasp-modsecurity-core-rule-set














    











					Reply via email to