Hi, On Mon, Dec 04, 2017 at 04:07:00PM +0100, Cristian Mammoli wrote: > In REQUEST-901 thresholds are set to default if not already set, I know.
Sorry, I jumped to conclusions too quickly then. > There are no conditionals like in 901100. > > What am I missing? The problem sounds as if you would have to raise the debug log level and work your way through the file to see which rule sets which value and in what order. Ahoj, Christian > > Ty > > > Il 04/12/2017 14:47, Christian Folini ha scritto: > > Hey Cristian, > > > > No, this works perfectly. Let me tell you why: > > > > The crs-setup.conf does not actually set the threshold. Instead the > > REQUEST-901 initialization file sets the threshold to the default value > > if it is not set. > > > > You are setting the anomaly score in your rule file in modsecurity, so no > > need to set it to the default during the initialization. > > > > This is very close to what I personally favor: Setting it in the server > > config and not in an include. That way the threshold is always in plane > > sight. > > Same for paranoia level btw. > > > > Ahoj, > > > > Christian -- https://www.feistyduck.com/training/modsecurity-training-course https://www.feistyduck.com/books/modsecurity-handbook/ mailto:christian.fol...@netnea.com twitter: @ChrFolini _______________________________________________ Owasp-modsecurity-core-rule-set mailing list Owasp-modsecurity-core-rule-set@lists.owasp.org https://lists.owasp.org/mailman/listinfo/owasp-modsecurity-core-rule-set
