Echelon17
- Total activity 27
- Last activity
- Member since
- Following 0 users
- Followed by 0 users
- Votes 0
- Subscriptions 6
Comments
Recent activity by Echelon17-
]I only mentioned my experience to let you know that I'm not speculating with what I say. I work with ModSecurity every day. I didn't claim you were speculating anything. It seemed very defensive o...
-
]I've managed modsecurity rules for a major hosting provider for many years. OK. And? Your personal experience and history are irrelevant to this discussion. Why are you bringing them up? Managing ...
-
]I like the idea, though usually, disabling a rule per URI is a bit better than globally. I.E. if the rule breaks stuff in wp-admin, just do SecRuleRemoveByID ##### This way, the rule is still ...
-
]This is EXACTLY my concern! Wasted a lot of time with preserving old rules, poor documentation and false positives! Here is the irony: The goal of these rules it to enforce automated protection,...
-
]1. That's what the 'rev' tag in rules is intended for; if a rule has an updated rev tag (revision) you should re-enable it to see if it works. Something automated for that would definitely be nice...
-
]That many eh? Thankfully we only had to remove 3 rules on our servers running WAF In their defence, they have been trying to update them and fix false positives as things progress, and the bulk of...
-
@Brian: Thanks for your response. I look forward to a 'report' feature, since I have a feeling it's going to be used quite heavily when live... Can you tell us more about how the rule updates will...
-
OWASP: False Positives You guys really screwed the pooch with the latest release. The OWASP rules are terrible and it's pretty obvious they haven't been tested very well. Within minutes of activat...