+1 On Tue, May 23, 2017 at 10:06:00AM -0400, Ed Greenberg wrote: > We've deployed 3.0.2 today. I had it in testing, and forgot that I needed to > push it out. I'll keep an eye on things. > > Thanks, > Ed > > On 05/23/2017 10:03 AM, Christian Folini wrote: > > Hi Ed, > > > > That's a mean one. > > > > You are suffering from this bug: > > https://github.com/SpiderLabs/owasp-modsecurity-crs/issues/704 > > > > It's raising your score silently to 5 - without showing you the rule > > that triggered. > > > > Upgrading to 3.0.2 will solve this. If you still have problems, then > > you should hand the false positives. The tutorials at netnea.com > > can teach you how. > > > > Ahoj, > > > > Christian > > > > On Tue, May 23, 2017 at 09:40:07AM -0400, Ed Greenberg wrote: > > > On 05/23/2017 09:37 AM, Christian Folini wrote: > > > > Hey Ed, > > > > > > > > It is hard to help you without seeing the rule alert. The alerts you > > > > showed us are only the evaluation at the end. > > > Christian, > > > > > > Thanks for all you do to support these rules. I appreciate it. > > > > > > The entire log entry can be found at https://pastebin.com/6RSqP9Js > > > > > > Even pastebin required me to solve a captcha to post it, so it must > > > trigger > > > some sort of filter. > > > > > > Thanks, > > > > > > Ed >
-- https://www.feistyduck.com/training/modsecurity-training-course mailto:christian.fol...@netnea.com twitter: @ChrFolini _______________________________________________ Owasp-modsecurity-core-rule-set mailing list Owasp-modsecurity-core-rule-set@lists.owasp.org https://lists.owasp.org/mailman/listinfo/owasp-modsecurity-core-rule-set
