[Owasp-modsecurity-core-rule-set] Xss rules- can these be simplified/combined ?

Rajeev Sethi rajeevsethi777 at yahoo.com
Wed May 19 04:08:51 EDT 2010


Hi all, 

I've noticed that the core rule set comes loaded with several XSS filters. During my testing, I found that many filters from different categories (PHPIDS, IE8, etc.) are hit. So, I am wondering if someone has been able to reduce the XSS filters by removing redundant filters.

For example, I think the IE8 XSS rule is always hit whenever I try XSS, so does it mean that if I use ONLY the IE8 XSS filter, I'm covered from XSS attacks? Or, if I use only the PHPIDS XSS filter, will I be missing any potential XSS payloads? I'm hoping to find an "intersection" of all the rules.

Thoughts?


      