[Owasp-modsecurity-core-rule-set] Lots of troubles with rules and shared hosting
turgut at kalfaoglu.com
Mon Jan 11 15:31:45 EST 2010
Sorry I should have mentioned that "I downloaded the latest rules, and
applied only the base rules, not the optional ones.."
On 01/11/2010 10:24 PM, turgut kalfaoğlu wrote:
> I recently upgraded the modsecurity 2.something to the latest version.
> But these two rulesets are giving me much headache:
> For example, a plain HTML web site, but the JPG files are oddly named:
> Dumps over a page of "Messages:" in the audit file, talking about
> probably a dozen rules or so that are broken.
> The following dynamic site, is likewise:
> ... belches pages and pages of code, even at debug level 3.
> The web server has over 300 hostings - Joomla, PhpNuke, Wordpress,
> homebrew, and plain HTML.
> I spent two whole days editing out the core rules, but finally had to
> give up on the "phpids" rulesets altogether.
> Was there a better way?
> Owasp-modsecurity-core-rule-set mailing list
> Owasp-modsecurity-core-rule-set at lists.owasp.org
-------------- next part --------------
An HTML attachment was scrubbed...
More information about the Owasp-modsecurity-core-rule-set