We are actually heavily using the feedback from cPanel in order to steer changes to the 3.0 rule setÅ in conjunction with my previous email this should kind of give you some insight. We are very thankful to cPanel for helping us with this telemetry data.
On 9/15/15, 11:18 AM, "owasp-modsecurity-core-rule-set-boun...@lists.owasp.org on behalf of OtherData" <owasp-modsecurity-core-rule-set-boun...@lists.owasp.org on behalf of i...@otherdata.com> wrote: >I am also interested in why the 2.2.9 rule set is still considered the >latest rule set, and 3.0 is not. The 3.0 ruleset appears to be now >bundled >with cPanel which is confusing as to why they would bundle it with cPanel >if >it is not stable. > > >Wesley Render, Consultant >http://scanmail.trustwave.com/?c=4062&d=ibz41bI2K9m7Ta3ev1ksnCpRdP9Fi1Gstr >VdQ3EjKQ&s=5&u=http%3a%2f%2fwww%2eotherdata%2ecom > > >-----Original Message----- >From: owasp-modsecurity-core-rule-set-boun...@lists.owasp.org >[mailto:owasp-modsecurity-core-rule-set-boun...@lists.owasp.org] On Behalf >Of owasp-modsecurity-core-rule-set-requ...@lists.owasp.org >Sent: September 15, 2015 6:00 AM >To: owasp-modsecurity-core-rule-set@lists.owasp.org >Subject: Owasp-modsecurity-core-rule-set Digest, Vol 77, Issue 5 > >Send Owasp-modsecurity-core-rule-set mailing list submissions to > owasp-modsecurity-core-rule-set@lists.owasp.org > >To subscribe or unsubscribe via the World Wide Web, visit > >http://scanmail.trustwave.com/?c=4062&d=ibz41bI2K9m7Ta3ev1ksnCpRdP9Fi1Gstu >QOSnFydg&s=5&u=https%3a%2f%2flists%2eowasp%2eorg%2fmailman%2flistinfo%2fow >asp-modsecurity-core-rule-set > >or, via email, send a message with subject or body 'help' to > owasp-modsecurity-core-rule-set-requ...@lists.owasp.org > >You can reach the person managing the list at > owasp-modsecurity-core-rule-set-ow...@lists.owasp.org > >When replying, please edit your Subject line so it is more specific than >"Re: Contents of Owasp-modsecurity-core-rule-set digest..." > > >Today's Topics: > > 1. Using 3.0 ruleset (kause lotski) > 2. Re: Some XSS evasions posted (Christian Folini) > > >---------------------------------------------------------------------- > >Message: 1 >Date: Mon, 14 Sep 2015 18:19:38 +0000 (UTC) >From: kause lotski <kause...@yahoo.com> >To: "owasp-modsecurity-core-rule-set@lists.owasp.org" > <owasp-modsecurity-core-rule-set@lists.owasp.org> >Subject: [Owasp-modsecurity-core-rule-set] Using 3.0 ruleset >Message-ID: > <1997255831.2489169.1442254778503.javamail.ya...@mail.yahoo.com> >Content-Type: text/plain; charset="utf-8" > >Hi, >as it seems 3.0 greatly improves extended character sets in unicode >handling >(false positives due to this characters), I would like to give it a try. >But >as structure has totally changed INSTALL instructions aren't correct >anymore >in 3.0 branch, can someone give me a quick guide? is there any ETA for >3.0 ? > >Regards,Kause >-------------- next part -------------- >An HTML attachment was scrubbed... >URL: ><http://scanmail.trustwave.com/?c=4062&d=ibz41bI2K9m7Ta3ev1ksnCpRdP9Fi1Gst >ugORHByKw&s=5&u=http%3a%2f%2flists%2eowasp%2eorg%2fpipermail%2fowasp-modse >curity-core-rule-set%2fattachment >s/20150914/aa5ab53e/attachment-0001.html> > >------------------------------ > >Message: 2 >Date: Tue, 15 Sep 2015 06:03:05 +0200 >From: Christian Folini <christian.fol...@time-machine.ch> >To: owasp-modsecurity-core-rule-set@lists.owasp.org >Subject: Re: [Owasp-modsecurity-core-rule-set] Some XSS evasions > posted >Message-ID: <20150915040305.GA18940@elias> >Content-Type: text/plain; charset=utf-8 > >Good morning, > >What is funny about the paper is, that he lists contact with all the other >vendors and how they reacted to his responsible disclosure, but this is >missing for ModSec. > >Has there been no contact / no interest to patch in due time? > >Ahoj, > >Christian > > >-- >It's easier to ask forgiveness, than it is to get permission. >-- Radm Grace Hopper, aka Amazing Grace > > > >------------------------------ > >_______________________________________________ >Owasp-modsecurity-core-rule-set mailing list >Owasp-modsecurity-core-rule-set@lists.owasp.org >http://scanmail.trustwave.com/?c=4062&d=ibz41bI2K9m7Ta3ev1ksnCpRdP9Fi1Gstu >QOSnFydg&s=5&u=https%3a%2f%2flists%2eowasp%2eorg%2fmailman%2flistinfo%2fow >asp-modsecurity-core-rule-set > > >End of Owasp-modsecurity-core-rule-set Digest, Vol 77, Issue 5 >************************************************************** > >_______________________________________________ >Owasp-modsecurity-core-rule-set mailing list >Owasp-modsecurity-core-rule-set@lists.owasp.org >http://scanmail.trustwave.com/?c=4062&d=ibz41bI2K9m7Ta3ev1ksnCpRdP9Fi1Gstu >QOSnFydg&s=5&u=https%3a%2f%2flists%2eowasp%2eorg%2fmailman%2flistinfo%2fow >asp-modsecurity-core-rule-set ________________________________ This transmission may contain information that is privileged, confidential, and/or exempt from disclosure under applicable law. If you are not the intended recipient, you are hereby notified that any disclosure, copying, distribution, or use of the information contained herein (including any reliance thereon) is strictly prohibited. If you received this transmission in error, please immediately contact the sender and destroy the material in its entirety, whether in electronic or hard copy format. _______________________________________________ Owasp-modsecurity-core-rule-set mailing list Owasp-modsecurity-core-rule-set@lists.owasp.org https://lists.owasp.org/mailman/listinfo/owasp-modsecurity-core-rule-set
