Modsecurity 2.9.8 Released
Hi,
Modsecurity 2.9.8 has been officially released, when is it expected to be released by cpanel?
https://github.com/owasp-modsecurity/ModSecurity/releases/tag/v2.9.8
Thanks
-
mod_security 2.9.7 was added to cPanel on the 16th of Feb 2023 ( https://support.cpanel.net/hc/en-us/community/posts/19163810661911-EasyApache-February-16-Release) after being released on the 5th of Jan 2023 ( https://www.trustwave.com/en-us/resources/security-resources/software-updates/announcing-modsecurity-version-297/ ) so I would have expected 2.9.8 released in September last year to have been added already.
It might be worth submitting it to the roadmap at https://features.cpanel.net/tabs/11-planned-roadmap/submit-idea to encourage cPanel to add it - emphasis what features you need from it that 2.9.7 doesn't currently offer (apart from a few memory leak issues and the MULTIPART HEADER check, I can't seen much myself: but the change in the error log format *might* require considerable changes to the parsing cPanel does on the log files - hence why the "reward/risk" ratio may skew in to the "not worth doing at the moment" side of things)
0 -
Our team has case EA-12604 open to get ModSec updated to the latest version. We're still doing some testing with it on our end, but it will hopefully be released soon.
0 -
Hi CPrex,
Do you know if OWASP CRS will also be updated from version 3.3.X (3.3.7) to 4.x.x (4.11.1)?
Thanks
0 -
At this time, no. Our team has case EA-12674 to see if it is compatible with our existing tools, but I don't have any updates about that just yet.
0 -
Thanks :)
0 -
Sure thing!
0
Please sign in to leave a comment.
Comments
6 comments