Good writeup Christian! On 2/8/16, 2:59 AM, "owasp-modsecurity-core-rule-set-boun...@lists.owasp.org on behalf of Funk, Lukas" <owasp-modsecurity-core-rule-set-boun...@lists.owasp.org on behalf of lukas.f...@united-security-providers.ch> wrote:
>Hi Christian and all, > >I follow the discussion about the paranoia mode with great interest. I >think it could be a good starting point for ModSecurity users which do >not have the expert knowledge of the rules. > >Looking at your proposed structure of the paranoia mode setup, I think >it's on a good track. The structure is easy to understand! >Unfortunately I can't comment the different rules, as I don't have much >experience with them. > >Thanks to all of you putting such great effort to the CRS and I'm really >looking forward to version 3! > >Cheers, Lukas > > >>> Dear all, >>> >>> With the progress we are making on the rules front, it is time to talk >>>about >>> the way it could be implemented. >>> It's time for the show-me-the-code. He you go: >>> >>> >>>http://scanmail.trustwave.com/?c=4062&d=tN-41hG4qCjBMKf0XEE90boFBx23NXMA >>>8kit7zcE9Q&s=5&u=https%3a%2f%2fwww%2enetnea%2ecom%2fcms%2f2016%2f02%2f04 >>>%2fowasp-modsecurity-core-rules- >>> paranoia-mode-mechanics-proposal/ >>> >>> Feedback welcome! >>> >>> Christian ________________________________ This transmission may contain information that is privileged, confidential, and/or exempt from disclosure under applicable law. If you are not the intended recipient, you are hereby notified that any disclosure, copying, distribution, or use of the information contained herein (including any reliance thereon) is strictly prohibited. If you received this transmission in error, please immediately contact the sender and destroy the material in its entirety, whether in electronic or hard copy format. _______________________________________________ Owasp-modsecurity-core-rule-set mailing list Owasp-modsecurity-core-rule-set@lists.owasp.org https://lists.owasp.org/mailman/listinfo/owasp-modsecurity-core-rule-set
