Hi everybody,

As discussed earlier, I've found quite some issues with the PHP-related rules in CRSv3 rc1. To not increase the scope of the paranoia project too much, it’s better to work on these issues separately.

I’ve created bugs on GitHub for all the problems/possible improvements I’ve found. Please check the bugs and add your opinions in the comments! Here is a list:

- Rules not firing: https://github.com/SpiderLabs/owasp-modsecurity-crs/issues/289
- php-function-names.data additions: https://github.com/SpiderLabs/owasp-modsecurity-crs/issues/290
- Parentheses in php-function-names.data: https://github.com/SpiderLabs/owasp-modsecurity-crs/issues/291
- php-variables.data evasions: https://github.com/SpiderLabs/owasp-modsecurity-crs/issues/293
- Detect 'variable functions': https://github.com/SpiderLabs/owasp-modsecurity-crs/issues/294
- Add PHP specific files to lfi-os-files.data: https://github.com/SpiderLabs/owasp-modsecurity-crs/issues/295
- Generic PHP serialized object injection: https://github.com/SpiderLabs/owasp-modsecurity-crs/issues/273

I’ll probably have time to start working on these from next week on, so it would be nice to get as much input as possible during this week.

Cheers!
WH