Are you using OWASP CRS and cPanel? We are happy to announce that cPanel has just added the ability to 'Report a Rule'. We are very excited about this new feature because, as we all know, a WAF is only as good as its ruleset. If you are using cPanel with OWASP CRS and you find that a rule is not working correctly we highly encourage you to follow the steps outlined at https://documentation.cpanel.net/display/ALD/ModSecurity+Tools#ModSecurityTools-Reportarule. This will file a report about the rule directly with the ModSecurity team and we will do our best to quickly address the concern. We'd like to thank the cPanel team for going the extra mile in implementing this feature, we really do think it will make everyone more secure. If you are not using cPanel please remember to open issues on GitHub or email the mailing list if you find a bug. We are always on the lookout for how to improve our rules.
Chaim Sanders Security Researcher, SpiderLabs Trustwave | SMART SECURITY ON DEMAND www.trustwave.com<http://www.trustwave.com/> ________________________________ This transmission may contain information that is privileged, confidential, and/or exempt from disclosure under applicable law. If you are not the intended recipient, you are hereby notified that any disclosure, copying, distribution, or use of the information contained herein (including any reliance thereon) is strictly prohibited. If you received this transmission in error, please immediately contact the sender and destroy the material in its entirety, whether in electronic or hard copy format.
_______________________________________________ Owasp-modsecurity-core-rule-set mailing list Owasp-modsecurity-core-rule-set@lists.owasp.org https://lists.owasp.org/mailman/listinfo/owasp-modsecurity-core-rule-set
