Re: [Owasp-modsecurity-core-rule-set] Rule 951100 is corrupted

Christian Folini Tue, 07 Mar 2017 08:17:04 -0800

Hi there,

Ooops. What is the problem? Here is the rule in question?


SecRule RESPONSE_BODY "@pmFromFile sql-errors.data" \
        "phase:response,\
        id:951100,\
        rev:'5',\
        ver:'OWASP_CRS/3.0.0',\
        pass,\
        nolog,\
        tag:'application-multi',\
        tag:'language-multi',\
        tag:'platform-multi',\
        tag:'attack-disclosure',\
        setvar:tx.sql_error_match=1,\
        t:none"

Is there something wrong with the mechanism or have you found an
sql-error not being listed in the data file? The latter is very well
possible and we would welcome submissions of additional error strings.

Ahoj,

Christian


On Tue, Mar 07, 2017 at 06:57:29PM +0330, Ehsan Mahdavi wrote:
> Hi All
> Rule 951100 in CRS 3 is not working.
> 
> be careful with that.

> _______________________________________________
> Owasp-modsecurity-core-rule-set mailing list
> Owasp-modsecurity-core-rule-set@lists.owasp.org
> https://lists.owasp.org/mailman/listinfo/owasp-modsecurity-core-rule-set

_______________________________________________
Owasp-modsecurity-core-rule-set mailing list
Owasp-modsecurity-core-rule-set@lists.owasp.org
https://lists.owasp.org/mailman/listinfo/owasp-modsecurity-core-rule-set

Re: [Owasp-modsecurity-core-rule-set] Rule 951100 is corrupted

Reply via email to