We've deployed 3.0.2 today. I had it in testing, and forgot that I
needed to push it out. I'll keep an eye on things.
Thanks,
Ed
On 05/23/2017 10:03 AM, Christian Folini wrote:
Hi Ed,
That's a mean one.
You are suffering from this bug:
https://github.com/SpiderLabs/owasp-modsecurity-crs/issues/704
It's raising your score silently to 5 - without showing you the rule
that triggered.
Upgrading to 3.0.2 will solve this. If you still have problems, then
you should hand the false positives. The tutorials at netnea.com
can teach you how.
Ahoj,
Christian
On Tue, May 23, 2017 at 09:40:07AM -0400, Ed Greenberg wrote:
On 05/23/2017 09:37 AM, Christian Folini wrote:
Hey Ed,
It is hard to help you without seeing the rule alert. The alerts you
showed us are only the evaluation at the end.
Christian,
Thanks for all you do to support these rules. I appreciate it.
The entire log entry can be found at https://pastebin.com/6RSqP9Js
Even pastebin required me to solve a captcha to post it, so it must trigger
some sort of filter.
Thanks,
Ed
_______________________________________________
Owasp-modsecurity-core-rule-set mailing list
Owasp-modsecurity-core-rule-set@lists.owasp.org
https://lists.owasp.org/mailman/listinfo/owasp-modsecurity-core-rule-set
