Hello, Our website is a directory that is to say we always have users who insert their data such as the URL of their website, télephonen, fax ... during validation by our team I noticed that the mo_security to prohibit the request because it contains URL: http://www.companyhacham.sitew.com/
Do you have a solution (secure) to allow url log: codeAction=1&entid=395342&bilid=345129&idMkt=518&denomination=&capital=100+000+&activite=COMPANY+HACHAM+offre+des+produits+et+services+de+grande+qualit%C3%A9+dans+les+domaines+de+%3A+Menuiserie+Aluminium%2C+PVC%2C+Inox%2C+Vitrine+en+Verre%2C+Cloisons+aluminium%2C+Cuisine+Moderne+Sur+Mesure%2C+Tablier+en+lames+Micro+perfor%C3%A9es%2C+Habillage+de+Fa%C3%A7ade.+(ALUCOBOND)%2C+Faux+Plafonds%2C+Mur+Rideau%2C+Moustiquaire%2C+les+Stores%2C+Travaux+divers.&effectif=0&effectifCadre=0&segmentEffectif=1&dateContribution=06%2F08%2F13+14%3A32&loginUser=sgh5% 40hotmail.fr&emailUser=sgh5%40hotmail.fr &id=518&denomination_validator=&rc_validator=&tribunal_validator=&fmj_validator=&capital_validator=&adresse_validator=&ville_validator=&activite_validator=&effectif_validator=&segmentEffectif_validator=&effectifCadre_validator=&telfaxmailweb_565=on&telfaxmailweb_565_validator=1&data_565=0618555477&type_565=1&idMktTelfaxmailweb_565=0&telfaxmailweb_566=on&telfaxmailweb_566_validator=1&data_566=companyhacham% 40gmail.com &type_566=3&idMktTelfaxmailweb_566=0&telfaxmailweb_567=on&telfaxmailweb_567_validator=1&data_567=http%3A%2F%2F*www.companyhacham.sitew.com <http://www.companyhacham.sitew.com>%2F&type_567=4&i* dMktTelfaxmailweb_567=0&statut=1&remarque= --c307bc39-F-- HTTP/1.1 403 Forbidden Content-Length: 245 Connection: close Content-Type: text/html; charset=iso-8859-1 Message: Access denied with code 403 (phase 2). Match of "beginsWith %{request_headers.host}" against "TX:1" required. [file "/etc/httpd/modsecurity-crs/base_rules/modsecurity_crs_40_generic_attacks.conf"] [line "163"] [id "950120"] [rev "3"] [msg "Possible Remote File Inclusion (RFI) Attack: Off-Domain Reference/Link"] [data "Matched Data: http://www.companyhacham.sitew.com/ found within TX:1: www.companyhacham.sitew.com/"] [severity "CRITICAL"] [ver "OWASP_CRS/2.2.9"] [maturity "9"] [accuracy "9"] [tag "OWASP_CRS/WEB_ATTACK/RFI"] Thank you 2014-06-30 10:29 GMT+00:00 Ilyass Kaouam <ilyassi...@gmail.com>: > Hi Ryan, > > It's work. > > Thank you. > > > 2014-06-27 16:41 GMT+01:00 Ryan Barnett <ryan.barn...@owasp.org>: > >> This is what I recommend in these cases - >> >> 1. Create a positive security/input validation check against the >> parameter that is causing the false positive. In this case it is the >> "code" >> parameter. If it matches the expected input format, then move to step 2. >> 2. Then use the "ctl:ruleRemoveTargetById" action to conditionally >> remove ARGS:code from inspection for rule 981173 >> >> The rule would look something like this (not tested) >> >> SecRule ARGS:code "@rx ^[a-zA-z0-9\-_]+$" >> "phase:request,id:12345,nolog,pass,ctl:ruleRemoveTargetById=981173;ARGS:code" >> >> Place this rule in a modsecurity_crs_00_custom.conf file so that it runs >> BEFORE the normal CRS rules. >> >> In general, this approach is more secure than just simply removing a >> variable from inspection when you encounter a false positive. >> >> -Ryan >> >> From: Ilyass Kaouam <ilyassi...@gmail.com> >> Reply-To: <ilyassi...@gmail.com> >> Date: Friday, June 27, 2014 11:21 AM >> To: Jamie Riden <jamie.ri...@gmail.com> >> Cc: "owasp-modsecurity-core-rule-set@lists.owasp.org" < >> owasp-modsecurity-core-rule-set@lists.owasp.org> >> Subject: Re: [Owasp-modsecurity-core-rule-set] Problème with False >> Positives >> >> Hi >> >> Thank you that work excellent :) :) >> >> Now when i try connect with Facebook It's block 'false positive' >> >> log: >> >> *--be2b2979-H--* >> >> *Message: Access denied with code 403 (phase 2). Pattern match >> "([\\~\\!\\@\\#\\$\\%\\^\\&\\*\\(\\)\\-\\+\\=\\{\\}\\[\\]\\|\\:\\;\"\\'\\\xc2\xb4\\\xe2\x80\x99\\\xe2\x80\x98\\`\\<\\>].*?){4,}" >> at ARGS:code. [file >> "/etc/httpd/modsecurity-crs/base_rules/modsecurity_crs_41_sql_injection_attacks.conf"] >> [line "159"] [id "981173"] [rev "2"] [msg "Restricted SQL Character Anomaly >> Detection Alert - Total # of special characters exceeded"] [data "Matched >> Data: - found within ARGS:code: >> AQAZzUllyzvnMFeI1YdJ7btTKpmdrAZ3VS-n5iyorHDhHpSzG6gpoRuEnzi9nNpX4RY8XP1O8W3WOea-4NjU0r4S1QkiCKwpCea-smSIVe2WxCTEIu4eN7S4YVSENbyes9tTF_dt890NN64DhShsI72t5fusquL_iK7SIfEo03eaYNxIIn0IGAyY0l2IMUusVd24RFBiPKowLjRJrXC4NL02Ine0VJU0Nm57anPrK6gsuzMZG41hHbtWiqsyPtRusewjOOUmTMk0OTrXtm67sOUpCW7emT5gUsGKPlJy_efQ-Q5QTgpl0xcwOffuu4ATeBA"] >> [ver "OWASP_CRS/2.2.9"] [maturity "9"] [accuracy "8"] [tag >> "OWASP_CRS/WEB_ATTACK/SQL_INJECTION"]* >> >> *Action: Intercepted (phase 2)* >> >> *Apache-Handler: proxy-server* >> >> *Stopwatch: 1403881875314702 2150 (- - -)* >> >> *Stopwatch2: 1403881875314702 2150; combined=1886, p1=90, p2=1793, p3=0, >> p4=0, p5=3, sr=26, sw=0, l=0, gc=0* >> >> *Response-Body-Transformed: Dechunked* >> >> *Producer: ModSecurity for Apache/2.7.3 (http://www.modsecurity.org/ >> <http://www.modsecurity.org/>); OWASP_CRS/2.2.9. <http://2.2.9.>* >> >> *Server: Apache* >> >> *Engine-Mode: "ENABLED"* >> >> I can use >> SecRuleUpdateTargetById 960024 !ARGS:/^code/ >> >> OR it's dangerous ? >> >> >> >> >> 2014-06-27 16:08 GMT+01:00 Jamie Riden <jamie.ri...@gmail.com>: >> >>> Would >>> >>> SecRuleUpdateTargetById 960024 !ARGS:/^telfaxmailweb/ >>> >>> be better in this instance? (ie. anchor the start of line.) >>> >>> cheers, >>> Jamie >>> >>> On 27 June 2014 15:57, Josh Amishav-Zlatin <jam...@owasp.org> wrote: >>> > On Fri, Jun 27, 2014 at 5:41 PM, Ilyass Kaouam <ilyassi...@gmail.com> >>> wrote: >>> >> >>> >> hi thank you for your replay >>> >> BUT the problem is that the number telfaxmailweb_1_171833 / >>> >> telfaxmailweb_1_142609 .... changes (non-static). >>> >> have you an idea >>> >> >>> > >>> > Hi Ilyass, >>> > >>> > Try using a regex in your exception, e.g.: >>> > SecRuleUpdateTargetById 960024 !ARGS:/telfaxmailweb/ >>> > >>> > -- >>> > - Josh >>> > >>> >> >>> >> thank you >>> >> >>> >> >>> >> 2014-06-27 8:04 GMT+01:00 Josh Amishav-Zlatin <jam...@owasp.org>: >>> >> >>> >>> On Thu, Jun 26, 2014 at 5:43 PM, Ilyass Kaouam <ilyassi...@gmail.com >>> > >>> >>> wrote: >>> >>>> >>> >>>> Hi Josh. >>> >>>> >>> >>>> It's work very good thank you :) :) :) >>> >>>> >>> >>>> I have another block :( please help me >>> >>> >>> >>> >>> >>> Hi Ilyass, >>> >>> >>> >>> In this case there is a hyphen in the telfaxmailweb_1_171833 >>> parameter >>> >>> value. Try using the SecRuleUpdateTargetById directive, e.g. >>> >>> SecRuleUpdateTargetById 960024 !ARGS:telfaxmailweb_1_171833 >>> >>> >>> >>> For details see: >>> >>> >>> >>> >>> http://blog.spiderlabs.com/2011/08/modsecurity-advanced-topic-of-the-week-exception-handling.html >>> >>> >>> >>> -- >>> >>> - Josh >>> >>> >>> >>>> >>> >>>> log: >>> >>>> >>> >>>> >>> >>>> >>> >>>> --9b18757a-A-- >>> >>>> >>> >>>> [26/Jun/2014:16:35:15 +0200] U6wvo38AAAEAAFCgA4AAAAAK >>> >>>> >>> >>>> --9b18757a-B-- >>> >>>> >>> >>>> POST /beta/societe-contribEnt HTTP/1.1 >>> >>>> >>> >>>> Host: www. >>> >>>> >>> >>>> xxxx >>> >>>> . >>> >>>> xxx >>> >>>> >>> >>>> User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10.9; rv:30.0) >>> >>>> Gecko/20100101 Firefox/30.0 >>> >>>> >>> >>>> Accept: */* >>> >>>> >>> >>>> Accept-Language: fr,fr-fr;q=0.8,en-us;q=0.5,en;q=0.3 >>> >>>> >>> >>>> Accept-Encoding: gzip, deflate >>> >>>> >>> >>>> Content-Type: application/x-www-form-urlencoded; charset=UTF-8 >>> >>>> >>> >>>> X-Requested-With: XMLHttpRequest >>> >>>> >>> >>>> Referer: http://www. >>> >>>> >>> >>>> xxxx >>> >>>> .ma/beta/ >>> >>>> xxxxx >>> >>>> ?action=edit >>> >>>> >>> >>>> Content-Length: 1735 >>> >>>> >>> >>>> Cookie: JSESSIONID=2A3D8D47FE45427E1AAFC69A2FA48F7B; >>> >>>> __utma=111125463.1234468951.1403792976.1403792976.1403792976.1; >>> >>>> __utmb=111125463.7.10.1403792976; __utmc=111125463; >>> >>>> >>> __utmz=111125463.1403792976.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none) >>> >>>> >>> >>>> Connection: keep-alive >>> >>>> >>> >>>> Pragma: no-cache >>> >>>> >>> >>>> Cache-Control: no-cache >>> >>>> >>> >>>> >>> >>>> --9b18757a-C-- >>> >>>> >>> >>>> >>> >>>> >>> codeAction=1&entid=151549&bilid=148614&idMkt=1628&denomination=INFORISK&denomination_dirty=&entrc=135529&entrc_dirty=&tribunal=12&tribunal_dirty=&fmj=Soci%C3%A9t%C3%A9+Anonyme&fmj_dirty=&capital=12+650+000+Dirhams&capital_dirty=&adresse=43%2C+Boulevard+D'anfa&adresse_dirty=&ville=1488&ville_dirty=&activite=+Collecte%2C+traitement+et+vente+des+informations+financi%C3%A8res%2C+l%C3%A9gales+et+commerciales&activite_dirty=&effectif_dirty=&effectif=30&segmentEffectif_dirty=&segmentEffectif=2&effectifCadre_dirty=&effectifCadre=0&telfaxmailweb_1_171833_dirty=&telfaxmailweb_1_171833=05-22-27-64-10&telfaxmailweb_1_142609_dirty=&telfaxmailweb_1_142609=05-22-42-90-87&telfaxmailweb_1_0_2_dirty=&telfaxmailweb_1_0_2=__-__-__-__-__&telfaxmailweb_1_0_3_dirty=&telfaxmailweb_1_0_3=__-__-__-__-__&telfaxmailweb_2_142611_dirty=&telfaxmailweb_2_142611=05-22-27-64-16&telfaxmailweb_2_0_1_dirty=&telfaxmailweb_2_0_1=__-__-__-__-__&telfaxmailweb_2_0_2_dirty=&telfaxmailweb_2_0_2=__-__-__-__-__&telfaxmailweb_2_0_3_dirty=&telfaxmailweb_2_0_3=__-__-__-__-__&telfaxmailweb_3_142612_dirty=&telfaxmailweb_3_142612=info% >>> 40inforisk.ma >>> &telfaxmailweb_3_0_1_dirty=&telfaxmailweb_3_0_1=&telfaxmailweb_3_0_2_dirty=&telfaxmailweb_3_0_2=&telfaxmailweb_3_0_3_dirty=&telfaxmailweb_3_0_3=&telfaxmailweb_4_142608_dirty=&telfaxmailweb_4_142608= >>> www.inforisk.ma >>> &telfaxmailweb_4_0_1_dirty=&telfaxmailweb_4_0_1=&telfaxmailweb_4_0_2_dirty=&telfaxmailweb_4_0_2=&telfaxmailweb_4_0_3_dirty=&telfaxmailweb_4_0_3=&idMktRefTypeContact_31241_dirty=&idMktRefTypeContact_31241=1&nom_31241=Ayouch&nom_31241_dirty=&prenom_31241=Khalid&prenom_31241_dirty=&tel_31241=__-__-__-__-__&tel_31241_dirty=&email_31241=test% >>> 40gmail.com&email_31241_dirty=1&contact_31241=1&contact_31241_dirty=1 >>> >>>> >>> >>>> --9b18757a-F-- >>> >>>> >>> >>>> HTTP/1.1 403 Forbidden >>> >>>> >>> >>>> Content-Length: 225 >>> >>>> >>> >>>> Connection: close >>> >>>> >>> >>>> Content-Type: text/html; charset=iso-8859-1 >>> >>>> >>> >>>> >>> >>>> --9b18757a-E-- >>> >>>> >>> >>>> >>> >>>> --9b18757a-H-- >>> >>>> >>> >>>> Message: Access denied with code 403 (phase 2). Pattern match >>> >>>> >>> "([\\~\\!\\@\\#\\$\\%\\^\\&\\*\\(\\)\\-\\+\\=\\{\\}\\[\\]\\|\\:\\;\"\\'\\\xc2\xb4\\\xe2\x80\x99\\\xe2\x80\x98\\`\\<\\>].*?){4,}" >>> >>>> at ARGS:telfaxmailweb_1_171833. [file >>> >>>> >>> "/etc/httpd/modsecurity-crs/base_rules/modsecurity_crs_41_sql_injection_attacks.conf"] >>> >>>> [line "159"] [id "981173"] [rev "2"] [msg "Restricted SQL Character >>> Anomaly >>> >>>> Detection Alert - Total # of special characters exceeded"] [data >>> "Matched >>> >>>> Data: - found within ARGS:telfaxmailweb_1_171833: 05-22-27-64-10"] >>> [ver >>> >>>> "OWASP_CRS/2.2.9"] [maturity "9"] [accuracy "8"] [tag >>> >>>> "OWASP_CRS/WEB_ATTACK/SQL_INJECTION"] >>> >>>> >>> >>>> Action: Intercepted (phase 2) >>> >>>> >>> >>>> Apache-Handler: proxy-server >>> >>>> >>> >>>> Stopwatch: 1403793315275899 22265 (- - -) >>> >>>> >>> >>>> Stopwatch2: 1403793315275899 22265; combined=9584, p1=187, p2=9377, >>> >>>> p3=0, p4=0, p5=20, sr=28, sw=0, l=0, gc=0 >>> >>>> >>> >>>> Response-Body-Transformed: Dechunked >>> >>>> >>> >>>> Producer: ModSecurity for Apache/2.7.3 (http://www.modsecurity.org/ >>> ); >>> >>>> OWASP_CRS/2.2.9. >>> >>>> >>> >>>> Server: Apache >>> >>>> >>> >>>> Engine-Mode: "ENABLED" >>> >>>> >>> >>>> >>> >>>> --9b18757a-Z-- >>> >>>> >>> >>>> >>> >>>> >>> >>>> >>> >>>> >>> >>>> 2014-06-26 13:44 GMT+01:00 Josh Amishav-Zlatin <jam...@owasp.org>: >>> >>>> >>> >>>>> On Thu, Jun 26, 2014 at 3:19 PM, Ilyass Kaouam < >>> ilyassi...@gmail.com> >>> >>>>> wrote: >>> >>>>>> >>> >>>>>> Hi guys. >>> >>>>>> >>> >>>>>> I not understand why modsecurity blocking my request with the >>> >>>>>> character "à" in french. >>> >>>>>> log: >>> >>>>> >>> >>>>> >>> >>>>> Hi Ilyass, >>> >>>>> >>> >>>>> Take a look at the SecUnicodeCodePage and SecUnicodeMapFile >>> directives. >>> >>>>> For more information see: >>> >>>>> >>> >>>>> http://blog.spiderlabs.com/2012/08/waf-normalization-and-i18n.html >>> >>>>> >>> >>>>> -- >>> >>>>> - Josh >>> >>>>> >>> >>>>> >>> >>>>> >>> >>>>> >>> >>>>>> >>> >>>>>> >>> >>>>>> --169a1612-A-- >>> >>>>>> >>> >>>>>> [26/Jun/2014:11:48:57 +0200] U6vsiX8AAAEAAEkNI7cAAAAQ >>> >>>>>> >>> >>>>>> --169a1612-B-- >>> >>>>>> >>> >>>>>> POST /beta/societe-xxxxxr HTTP/1.1 >>> >>>>>> >>> >>>>>> Host: www.xxxx.xx >>> >>>>>> >>> >>>>>> User-Agent: Mozilla/5.0 (Windows NT 6.2; WOW64; rv:30.0) >>> >>>>>> Gecko/20100101 Firefox/30.0 >>> >>>>>> >>> >>>>>> Accept: */* >>> >>>>>> >>> >>>>>> Accept-Language: fr,fr-fr;q=0.8,en-us;q=0.5,en;q=0.3 >>> >>>>>> >>> >>>>>> Accept-Encoding: gzip, deflate >>> >>>>>> >>> >>>>>> Content-Type: application/x-www-form-urlencoded; charset=UTF-8 >>> >>>>>> >>> >>>>>> X-Requested-With: XMLHttpRequest >>> >>>>>> >>> >>>>>> Referer: http://www.xxx.xxx/beta/societe-xxxx >>> >>>>>> >>> >>>>>> Content-Length: 760 >>> >>>>>> >>> >>>>>> Cookie: JSESSIONID=DC9410B3998A7E973EDBA0ED638F5B40; >>> >>>>>> __utma=111125463.1374472637.1403014671.1403719512.1403772965.34; >>> >>>>>> >>> __utmz=111125463.1403435014.17.3.utmcsr=google|utmccn=(organic)|utmcmd=organic|utmctr=(not%20provided); >>> >>>>>> __utmb=111125463.24.10.1403772965; __utmc=111125463; >>> >>>>>> JSESSIONID=EB7E51CFBA0B811E9335731DA6A26A08 >>> >>>>>> >>> >>>>>> Connection: keep-alive >>> >>>>>> >>> >>>>>> Pragma: no-cache >>> >>>>>> >>> >>>>>> Cache-Control: no-cache >>> >>>>>> >>> >>>>>> >>> >>>>>> --169a1612-C-- >>> >>>>>> >>> >>>>>> >>> >>>>>> >>> codeAction=1&entid=367928&bilid=321761&idMkt=672&denomination=&capital=10+000+&activite=PRODUCTION+DES+FILMS+CINEMATOGRAPHIQUES+ET+AUDIOVISEUL&effectif=0&effectifCadre=0&segmentEffectif=1&dateContribution=17%2F08%2F13+%C3%A0+15%3A41&loginUser=nabilchant% >>> 40hotmail.fr&emailUser=nabilchant%40hotmail.fr >>> &id=672&denomination_validator=&rc_validator=&tribunal_validator=&fmj_validator=&capital_validator=&adresse_validator=&ville_validator=&activite_validator=&effectif_validator=&segmentEffectif_validator=&effectifCadre_validator=&telfaxmailweb_734=on&telfaxmailweb_734_validator=1&data_734=0610357910&type_734=1&idMktTelfaxmailweb_734=0&telfaxmailweb_735=on&telfaxmailweb_735_validator=1&data_735=0633327850&type_735=1&idMktTelfaxmailweb_735=0&statut=1&remarque= >>> >>>>>> >>> >>>>>> --169a1612-F-- >>> >>>>>> >>> >>>>>> HTTP/1.1 403 Forbidden >>> >>>>>> >>> >>>>>> Content-Length: 245 >>> >>>>>> >>> >>>>>> Connection: close >>> >>>>>> >>> >>>>>> Content-Type: text/html; charset=iso-8859-1 >>> >>>>>> >>> >>>>>> >>> >>>>>> --169a1612-E-- >>> >>>>>> >>> >>>>>> >>> >>>>>> --169a1612-H-- >>> >>>>>> >>> >>>>>> Message: Access denied with code 403 (phase 2). Pattern match >>> >>>>>> "\\W{4,}" at ARGS:dateContribution. [file >>> >>>>>> >>> "/etc/httpd/modsecurity-crs/base_rules/modsecurity_crs_40_generic_attacks.conf"] >>> >>>>>> [line "37"] [id "960024"] [rev "2"] [msg "Meta-Character Anomaly >>> Detection >>> >>>>>> Alert - Repetative Non-Word Characters"] [data "Matched Data: >>> \xc3\xa0 >>> >>>>>> found within ARGS:dateContribution: 17/08/13 \xc3\xa0 15:41"] [ver >>> >>>>>> "OWASP_CRS/2.2.9"] [maturity "9"] [accuracy "8"] >>> >>>>>> >>> >>>>>> Action: Intercepted (phase 2) >>> >>>>>> >>> >>>>>> Apache-Handler: proxy-server >>> >>>>>> >>> >>>>>> Stopwatch: 1403776137380257 11043 (- - -) >>> >>>>>> >>> >>>>>> Stopwatch2: 1403776137380257 11043; combined=642, p1=224, p2=399, >>> >>>>>> p3=0, p4=0, p5=19, sr=37, sw=0, l=0, gc=0 >>> >>>>>> >>> >>>>>> Response-Body-Transformed: Dechunked >>> >>>>>> >>> >>>>>> Producer: ModSecurity for Apache/2.7.3 ( >>> http://www.modsecurity.org/); >>> >>>>>> OWASP_CRS/2.2.9. >>> >>>>>> >>> >>>>>> Server: Apache >>> >>>>>> >>> >>>>>> Engine-Mode: "ENABLED" >>> >>>>>> >>> >>>>>> >>> >>>>>> --169a1612-Z-- >>> >>>>>> >>> >>>>>> >>> >>>>>> how to allow these types of characters. >>> >>>>>> >>> >>>>>> thank you. >>> >>>>>> >>> >>>>>> >>> >>>>>> >>> >>>>>> >>> >>>>>> >>> >>>>>> >>> >>>>>> >>> >>>>>> >>> >>>>>> _______________________________________________ >>> >>>>>> Owasp-modsecurity-core-rule-set mailing list >>> >>>>>> Owasp-modsecurity-core-rule-set@lists.owasp.org >>> >>>>>> >>> >>>>>> >>> https://lists.owasp.org/mailman/listinfo/owasp-modsecurity-core-rule-set >>> >>>>>> >>> >>>>> >>> >>>> >>> >>>> >>> >>>> >>> >>>> -- >>> >>>> Ilyass kaouam >>> >>>> Systems administrator at Inforisk Group Finaccess >>> >>>> European Masters in Information Technology >>> >>>> Portable : (212) 6 34 57 14 36 >>> >>>> http://www.inforisk.ma >>> >>> >>> >>> >>> >> >>> >> >>> >> >>> >> -- >>> >> Ilyass kaouam >>> >> Systems administrator at Inforisk Group Finaccess >>> >> European Masters in Information Technology >>> >> Portable : (212) 6 34 57 14 36 >>> >> http://www.inforisk.ma >>> > >>> > >>> > >>> > _______________________________________________ >>> > Owasp-modsecurity-core-rule-set mailing list >>> > Owasp-modsecurity-core-rule-set@lists.owasp.org >>> > >>> https://lists.owasp.org/mailman/listinfo/owasp-modsecurity-core-rule-set >>> > >>> >>> >>> >>> -- >>> Jamie Riden / ja...@honeynet.org / jamie.ri...@gmail.com >>> http://uk.linkedin.com/in/jamieriden >>> >> >> >> >> -- >> *Ilyass kaouam* >> *Systems administrator* >> * at Inforisk Group Finaccess * >> *European Masters in Information Technology* >> *Portable : (212) * >> *6 34 57 14 36**http://www.inforisk.ma <http://www.inforisk.ma>* >> _______________________________________________ >> Owasp-modsecurity-core-rule-set mailing list >> Owasp-modsecurity-core-rule-set@lists.owasp.org >> https://lists.owasp.org/mailman/listinfo/owasp-modsecurity-core-rule-set >> >> > > > -- > *Ilyass kaouam* > *Systems administrator* > * at Inforisk Group Finaccess * > *European Masters in Information Technology* > *Portable : (212) * > *6 34 57 14 36**http://www.inforisk.ma <http://www.inforisk.ma>* > -- *Ilyass kaouam* *Systems administrator* * at Inforisk Group Finaccess * *European Masters in Information Technology* *Portable : (212) * *6 34 57 14 36**http://www.inforisk.ma <http://www.inforisk.ma>*
_______________________________________________ Owasp-modsecurity-core-rule-set mailing list Owasp-modsecurity-core-rule-set@lists.owasp.org https://lists.owasp.org/mailman/listinfo/owasp-modsecurity-core-rule-set
