ciao70
- Total activity 279
- Last activity
- Member since
- Following 0 users
- Followed by 0 users
- Votes 4
- Subscriptions 14
Comments
Recent activity by ciao70-
Modsecurity 2.9.7 released
-
Hi,
-
I don't know if I understood correctly, when you disable the 920600 rule you still have the problem? Once you deactivate a rule, it must be confirmed and published
-
Same problems with paypal and opayo. Tracked the various triggers and had the following list: 920600 920420 980130 Added these as global exemptions. Did not work. We have to add exemptions for ...
-
These issues depend on the security changes that have been implemented in Modsecurity 2.9.6 and OWASP 3.3.4
-
949100 ( absolutely must not be deactivated, it counts the anomalous score of the various rules) You need to disable only the individual rules that are creating the problem 920600 This rule restr...
-
Yes, it is the ruleset causing the issues AFAIK Check which rule is causing the problem. For example, I had to disable rule 920450: Restricted HTTP headers msg:'HTTP header is restricted by pol...
-
That brings a new problem now: [root@host ~]# /usr/local/cpanel/scripts/modsec_vendor update --auto info [modsec_vendor] Updates are in progress for all of the installed ModSecurity vendors with...
-
Our system was updated last night (~ 10pm GMT) and since paypal and Opayo/Sagepay transactions are failing for a mixture of reasons. Anyone else having problems? Hi, Do you use OWASP CRS?
-
CVE-2022-39956 " Content-Type or Content-Transfer-Encoding MIME header fields abuse CVE-2022-39957 " Charset accept header field resulting in response rule set bypass CVE-2022-39958 " Small range...