[Owasp-modsecurity-core-rule-set] [mod-security-users] crs ruleset and trace method?

Eero Volotinen eero.volotinen at iki.fi
Wed Mar 21 10:11:15 UTC 2018


Not familiar enough with ModSecurity.

Just wondering that there isn't any rule to block TRACE in CRS. Is there an
easy way to implement that?

--
Eero

On Wed, Mar 21, 2018 at 11:53 AM, Christian Folini <
christian.folini at netnea.com> wrote:

> Hey Eero,
>
> The TRACE method is somewhat special. At least in Apache. The request
> skips phase 2 and thus the CRS rule covering tx.allowed_methods.
>
> There are discussions to move this block of rules to phase 1 though.
> https://github.com/SpiderLabs/owasp-modsecurity-crs/issues/1015
>
> You may want to chime in there.
>
> Ahoj,
>
> Christian
>
> On Wed, Mar 21, 2018 at 09:15:52AM +0200, Eero Volotinen wrote:
> > Hi,
> >
> > Just noticed that the CRS ruleset is not blocking the TRACE method, even with
> > setvar:'tx.allowed_methods=GET POST'"
> >
> > Is this a bug?
> >
> > Eero
>
> > ------------------------------------------------------------
> ------------------
> > Check out the vibrant tech community on one of the world's most
> > engaging tech sites, Slashdot.org! http://sdm.link/slashdot
>
> > _______________________________________________
> > mod-security-users mailing list
> > mod-security-users at lists.sourceforge.net
> > https://lists.sourceforge.net/lists/listinfo/mod-security-users
> > Commercial ModSecurity Rules and Support from Trustwave's SpiderLabs:
> > http://www.modsecurity.org/projects/commercial/rules/
> > http://www.modsecurity.org/projects/commercial/support/
>
>
> --
> https://www.feistyduck.com/training/modsecurity-training-course
> https://www.feistyduck.com/books/modsecurity-handbook/
> mailto:christian.folini at netnea.com
> twitter: @ChrFolini
>
>
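One way to block TRACE given the phase behaviour described in this thread, as an added example that is not from either poster and is not part of CRS. It assumes Apache httpd with ModSecurity 2.x, that phase 1 still runs for TRACE requests (as the proposal in the linked issue implies), and that rule id 10001 (an arbitrary, constructed local id) is unused in your configuration:

```apache
# Option 1: Apache core directive. httpd itself refuses TRACE with a 405,
# independent of ModSecurity and of tx.allowed_methods.
TraceEnable Off

# Option 2: local ModSecurity rule evaluated in phase 1 (request headers),
# so it does not depend on phase 2 being reached.
# Requires "SecRuleEngine On"; with DetectionOnly the rule only logs.
# id 10001 is a constructed placeholder; pick a free id from your local range.
SecRule REQUEST_METHOD "@streq TRACE" \
    "id:10001,\
    phase:1,\
    deny,\
    status:405,\
    log,\
    msg:'TRACE method is not allowed'"
```

After a reload, a TRACE request to the server should return 405, and with option 2 the audit log should show rule 10001 matching in phase 1.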