Has any one test this bypass against CRS
23 views
Skip to first unread message
Blason R
Dec 11, 2022, 10:41:19 PM12/11/22
to ModSecurity Core Rule Set project
Hi Team,
Not sure if anyone has checked and verify if this bypass is applicable to modsec crs?
Christian Folini
Dec 13, 2022, 2:17:46 AM12/13/22
to Blason R, ModSecurity Core Rule Set project
Hey, hey,
Yes, we did check and continuing to discuss it in the #coreruleset channel
on the OWASP slack. Feel free to join said discussion.
We are positive CRS detects this at PL2, while coverage at PL1 is spotty.
Best,
Christian
> --
> You received this message because you are subscribed to the Google Groups "ModSecurity Core Rule Set project" group.
> To unsubscribe from this group and stop receiving emails from it, send an email to modsecurity-core-rule-...@owasp.org.
> To view this discussion on the web visit https://groups.google.com/a/owasp.org/d/msgid/modsecurity-core-rule-set-project/CAPPXLT_f-TycFM2PRkr3arT2wLreSESdNGuP%2B-eK6wt37CKCnA%40mail.gmail.com.
Yes, we did check and continuing to discuss it in the #coreruleset channel
on the OWASP slack. Feel free to join said discussion.
We are positive CRS detects this at PL2, while coverage at PL1 is spotty.
Best,
Christian
> You received this message because you are subscribed to the Google Groups "ModSecurity Core Rule Set project" group.
> To unsubscribe from this group and stop receiving emails from it, send an email to modsecurity-core-rule-...@owasp.org.
> To view this discussion on the web visit https://groups.google.com/a/owasp.org/d/msgid/modsecurity-core-rule-set-project/CAPPXLT_f-TycFM2PRkr3arT2wLreSESdNGuP%2B-eK6wt37CKCnA%40mail.gmail.com.
Reply all
Reply to author
Forward
0 new messages