Hi Franziska, thanks for bringing this up. I absolutely agree with you, and the others.
Since there has been no opposition so far, I will implement the ID assignment into our wiki documentation tomorrow. If there should come up any argumentation against it, it’s a quick change. Cheers, Noël > On 06 Mar 2016, at 09:57, Franziska Buehler > <franziska.buehler.schmoc...@gmail.com> wrote: > > Hello, > > We already have some stricter siblings for existing rules. > But we don’t have a numbering scheme for these new rules yet. > My suggestion would be as follows: > > The RuleIDs in CRS 3.0.0 count up in steps of 10. An obvious > possibility is to use the last digit. > Subsequent stricter clones of a main rule will be assigned the id of > the main rule plus the last digit incremented. > > For example, we produce a stricter sibling of the rule 920270. The new > stricter clone gets the id 920271. If we produce an even stricter > sibling, this rule will get the rule id 920272 and so on. > > We will not produce more than 5 different clones, because we defined > the paranoia levels from 0 to 4. So we have enough space. > > What are your thougts about this proposal? > > Regards, > Franziska > _______________________________________________ > Owasp-modsecurity-core-rule-set mailing list > Owasp-modsecurity-core-rule-set@lists.owasp.org > https://lists.owasp.org/mailman/listinfo/owasp-modsecurity-core-rule-set
signature.asc
Description: Message signed with OpenPGP using GPGMail
_______________________________________________ Owasp-modsecurity-core-rule-set mailing list Owasp-modsecurity-core-rule-set@lists.owasp.org https://lists.owasp.org/mailman/listinfo/owasp-modsecurity-core-rule-set
