[Owasp-modsecurity-core-rule-set] Question about REQUEST-920-PROTOCOL-ENFORCEMENT.conf
edg at greenberg.org
Mon Jul 31 15:58:34 UTC 2017
On 07/31/2017 10:59 AM, Chaim Sanders wrote:
> The next rule you have highlighted is 920270. This indicates that a
> null byte was passed to a cookie. Null bytes are used in various
> attacks but are almost always avoided by legit applications. This rule
> can be found here:
I would very much like to see the audit log entry for the 920270 hit.
-------------- next part --------------
An HTML attachment was scrubbed...
More information about the Owasp-modsecurity-core-rule-set