Thanks, I will try to test it on today/tomorrow. also noticed that useragent can also contain some random id string like ' 59e85179-1c46-4f3a-acd1-5c5f6967dc00' this might be related to scan task id? see grep from my logs:
https://pastebin.com/6wnitcXQ Eero On Wed, Mar 14, 2018 at 11:09 PM, Christian Folini < christian.fol...@netnea.com> wrote: > Hey Eero, > > Thank you for the suggestion. I just made this into a pull request. > > https://github.com/SpiderLabs/owasp-modsecurity-crs/pull/1039 > > Please try it out and confirm detection works as intended. > Ideally on github. > > Ahoj, > > Christian > > > > On Tue, Mar 13, 2018 at 02:20:30PM +0200, Eero Volotinen wrote: > > Hi, > > Please add entry for f-secure radar: > > #[1]https://www.f-secure.com/en/web/business_global/radar > > User-Agent: Mozilla/4.0 (Mozilla/4.0; MSIE 7.0; Windows NT 5.1; FDM; > > SV1; .NET CLR 3.0.04506.30) F-Secure Radar > > br, > > Eero > > > > References > > > > 1. https://www.f-secure.com/en/web/business_global/radar > > > _______________________________________________ > > Owasp-modsecurity-core-rule-set mailing list > > Owasp-modsecurity-core-rule-set@lists.owasp.org > > https://lists.owasp.org/mailman/listinfo/owasp-modsecurity-core-rule-set > > > -- > https://www.feistyduck.com/training/modsecurity-training-course > https://www.feistyduck.com/books/modsecurity-handbook/ > mailto:christian.fol...@netnea.com > twitter: @ChrFolini >
_______________________________________________ Owasp-modsecurity-core-rule-set mailing list Owasp-modsecurity-core-rule-set@lists.owasp.org https://lists.owasp.org/mailman/listinfo/owasp-modsecurity-core-rule-set
