Hi, I was just having another look into the AuditConsole and stumbled over this screenshot: https://jwall.org/web/audit/console/screenshots/event-view2.png
What caught my eye was in the Rules Section "setvar:tx.paranoid_mode=0" and it made me curious what that is. I could find anything in the latest CRS and also noting in older version in the GitHub repo... Googling I found this old message from the mailing list: https://lists.owasp.org/pipermail/owasp-modsecurity-core-rule-set/2011-February/000621.html It shows a configuration with CRS 2.1.1 and there is a section -=[ Paranoid Mode ]=-... Reading the description, it sound something similar Christian and others like to achieve right now. Has anybody an idea why it was removed? It might be helpful for further consideration implementing the new paranoia mode... Regards, Lukas
smime.p7s
Description: S/MIME cryptographic signature
_______________________________________________ Owasp-modsecurity-core-rule-set mailing list Owasp-modsecurity-core-rule-set@lists.owasp.org https://lists.owasp.org/mailman/listinfo/owasp-modsecurity-core-rule-set
