This is the CRS newsletter covering the period from Early November until 11/04/2017. *Please note the schedule change for next month*
We held our monthly community chat. We had quite a few people stop by. Special thanks to lifeforms for leading the chat.

- lifeforms
- emphazer
- franbuehler
- spartantri
- fzipi
- hamlet_

Our agenda from before the chat is available here <https://github.com/SpiderLabs/owasp-modsecurity-crs/issues/972>. We had a short chat, during which we discussed the following:

- @dune73 will be attending the German Open Source Business Awards <http://award.osb-alliance.de>. Chances look good that CRS will be a top performer. More information can be found here <http://award.osb-alliance.de/2017/12/01/unsere-osbar-kandidaten-teil-1/>
- Using t:lowercase versus (?i): performance and best practice.
  - There is currently no definitive answer
  - A benchmark can be done using ModSecurity debug logs
  - @spartantri will reach out to contacts to determine the best approach for measuring and update us next meeting.
- There is an excessive number of open PRs and issues
  - All but three PRs have been assigned reviewers; we have to make a dent this month.
- The Java rules, which are a key feature of 3.1, need some attention
  - The older versions are available here: https://github.com/SpiderLabs/owasp-modsecurity-crs/blob/95e7e6b3982eca93989c7948faca4a961737eace/rules/REQUEST-944-APPLICATION-ATTACK-JAVA.conf
  - A new ticket will be opened taking into account discussions from https://github.com/SpiderLabs/owasp-modsecurity-crs/pull/881/files
- Badging
  - We may remove the gitter badge because we don't feel big enough for two chats and IRC is preferred (more discussion next chat)
  - We should investigate other functional badges using https://github.com/OWASP/github-template as an example.
- General question about whether it is possible to determine if a user is accessing via a HOSTS file.
  - It is not
- Travis and FTW PRs assigned to csanders
- #957 rule split: move part to PL3 to prevent JSON false positives
- PR #896 awaiting fgs update on the PR. We think if the comments were taken into account it would be a quick and nice merge, but for now it's stalled
  - fzipi resolved the conflict on #896

The next community chats will be held on the following dates:

- January 8, 2018 20:30 CET *(Note: The change from our normal schedule)*
- February 5, 2018 20:30 CET
- March 5, 2018 20:30 CET

Some nice new blog posts have come out on coreruleset.org:

- Core Rule Set Project Won a German OSBAR Award! <https://coreruleset.org/wp-admin/post.php?post=604&action=edit>
- How You Can Help the CRS Project <https://coreruleset.org/wp-admin/post.php?post=601&action=edit>
- The Top 5 Ways CRS Can Help You Fight the OWASP Top 10 <https://coreruleset.org/wp-admin/post.php?post=586&action=edit>
- Disassembling SQLi Rules <https://coreruleset.org/wp-admin/post.php?post=563&action=edit>

--
Chaim Sanders
http://www.ChaimSanders.com
_______________________________________________
Owasp-modsecurity-core-rule-set mailing list
Owasp-modsecurity-core-rule-set@lists.owasp.org
https://lists.owasp.org/mailman/listinfo/owasp-modsecurity-core-rule-set