[Owasp-modsecurity-core-rule-set] A Set of Performance Rules

Christian Folini christian.folini at time-machine.ch
Wed Sep 23 13:36:30 UTC 2015


Chaim was kind enough to merge Achim's and my set of Header 
Injection Prevention rules into the v3.0.0-branch.

This was smooth, so let's try the process with a 2nd little set of
rules, which I use at time.

It's a set of performance rules that do some measuring at different
phases and prepare the info into variables, which can then be logged.

It's more detailed than Stopwatch2 in the audit-log and the data is
prepared to be pushed into the access-log (or whatever you call it for
non-Apache httpd servers).

For the 2.2.x ruleset, this would fit into the optional_rules folder,
but I am not sure about the right course of action for v3.0.0-dev.

Do you plan to include an optional_rules folder eventually, or would
you rather define a switch in modsecurity_crs_10_setup.conf.example,
which would then enable/disable the ruleset in two files like



Chains of habit are too light to be felt until they are too heavy
to be broken.        
-- Warren Buffett
