msklut
- Total activity 88
- Last activity
- Member since
- Following 0 users
- Followed by 0 users
- Votes 2
- Subscriptions 13
Comments
Recent activity by msklut-
I'll run that by the team in next week's features meeting! Just following up to see if you had any updates since the meeting. Thanks!
-
Unfortunately none of the tools you mention work with domain names as they all only scan IP addresses, so I don't have much help to provide with those. I noticed there was a
-
This method worked:
-
Based on Apache 2.4, would this be the preferred 'HTTPS redirect' method? NameVirtualHost *:80 ServerName www.yourdomain.com Redirect / https://www.yourdomain.com
-
I gave that a try, but it still doesn't redirect to HTTPS when I access that directory.
-
These rules are actually exclusion rules, designed to mitigate problems from false-positives in the ModSecurity system. In the past, you had to manually remove rules one at a time as they came up...
-
That is intentional - you can always customize the configuration further after the update. Any of those disabled rules that you would recommend enabling?
-
Sure thing! I successfully upgraded to OWASP CRS 3.3 today, thanks again for the help. However, I noticed OWASp only had 22/32 rules enabled. Was that on purpose? The disabled rules are listed ...
-
OK, perfect. Thank you for testing this!
-
The only change inside WHM >> ModSecurity Vendors will be the wording of the rules. You'll see this: OWASP ModSecurity Core Rule Set V3.0 change to this: OWASP CRS v3.x ...