[Owasp-modsecurity-core-rule-set] [JIRA] Resolved: (CORERULES-45) Hard coded anomaly scores in modsecurity_crs_41_phpids_filters.conf

Ryan Barnett (JIRA) rbarnett at trustwave.com
Wed Mar 2 14:13:07 EST 2011

     [ https://www.modsecurity.org/tracker/browse/CORERULES-45?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]

Ryan Barnett resolved CORERULES-45.

    Resolution: Won't Fix

The advanced filters file (which is the converted PHPIDS filters) is using hard coded anomaly score values as the PHPIDS team has good weighting for their scores for severity.  The macro expanded anomaly scores in the 10 config file have been changed so that the numbers are on a more similar scale as the PHPIDS rules.

> Hard coded anomaly scores in modsecurity_crs_41_phpids_filters.conf
> -------------------------------------------------------------------
>                 Key: CORERULES-45
>                 URL: https://www.modsecurity.org/tracker/browse/CORERULES-45
>             Project: Core Rules
>          Issue Type: Improvement
>      Security Level: Normal
>    Affects Versions: 2.0.6
>         Environment: All
>            Reporter: Thomas
>            Assignee: Ryan Barnett
> In modsecurity_crs_41_phpids_filters.conf tx.anomaly_score values are incremented by hard coded values, bypassing "Anomaly Scoring Severity Levels" in modsecurity_crs_10_config.conf

This message is automatically generated by JIRA.
If you think it was sent incorrectly contact one of the administrators: https://www.modsecurity.org/tracker/secure/Administrators.jspa
For more information on JIRA, see: http://www.atlassian.com/software/jira


More information about the Owasp-modsecurity-core-rule-set mailing list