<html xmlns:v="urn:schemas-microsoft-com:vml" xmlns:o="urn:schemas-microsoft-com:office:office" xmlns:w="urn:schemas-microsoft-com:office:word" xmlns:m="http://schemas.microsoft.com/office/2004/12/omml" xmlns="http://www.w3.org/TR/REC-html40">
<head>
<meta http-equiv="Content-Type" content="text/html; charset=utf-8">
<meta name="Generator" content="Microsoft Word 15 (filtered medium)">
</head>
<body lang="EN-US" link="#0563C1" vlink="#954F72">
<div class="WordSection1">
<p class="MsoNormal"><span style="font-size:11.0pt;color:black">Hi ModSecurity CRS Mailing List members,</span><span style="color:black"><o:p></o:p></span></p>
<p class="MsoNormal"><span style="font-size:11.0pt;color:black"> </span><span style="color:black"><o:p></o:p></span></p>
<p class="MsoNormal"><span style="font-size:11.0pt;color:black">I am running into an issue with CI for my GitLab. After enabling mod_security (crs-3.0.0), I’ve got a few errors, and the latest one I am not able to resolve – it relates to the request content type (</span><span style="font-size:10.5pt;font-family:"Arial",sans-serif;color:#505354;background:#F7F7F7">application/x-git-upload-pack-request)</span><span style="font-size:11.0pt;color:black"> not being
 allowed by policy. I found two places where I can add an exception to allow content types, but enabling this doesn’t work -> please see the log below.</span><span style="color:black"><o:p></o:p></span></p>
<p class="MsoNormal"><span style="font-size:11.0pt;color:black"> </span><span style="color:black"><o:p></o:p></span></p>
<p class="MsoNormal"><b><span style="font-size:11.0pt;color:black">Files:</span></b><span style="color:black"><o:p></o:p></span></p>
<p class="MsoNormal"><span style="font-size:11.0pt;color:black">/usr/local/owasp-modsecurity-crs-3.0.0/crs-setup.conf</span><span style="color:black"><o:p></o:p></span></p>
<p class="MsoNormal"><span style="font-size:11.0pt;color:black">and</span><span style="color:black"><o:p></o:p></span></p>
<p class="MsoNormal"><span style="font-size:11.0pt;color:black">/usr/local/owasp-modsecurity-crs-3.0.0/rules/REQUEST-901-INITIALIZATION.conf</span><span style="color:black"><o:p></o:p></span></p>
<p class="MsoNormal"><span style="font-size:11.0pt;color:black"> </span><span style="color:black"><o:p></o:p></span></p>
<p class="MsoNormal"><b><span style="font-size:11.0pt;color:black">Result is still:</span></b><span style="color:black"><o:p></o:p></span></p>
<p class="MsoNormal"><span style="font-size:11.0pt;color:black"> </span><span style="color:black"><o:p></o:p></span></p>
<p class="MsoNormal"><span style="font-size:10.5pt;font-family:"Arial",sans-serif;color:#505354;background:#F7F7F7">ModSecurity: Warning. Matched "Operator </span><span style="font-size:9.0pt;font-family:Consolas;color:#333333;background:#F8F8F8">Rx' with parameter</span><span style="font-size:10.5pt;font-family:"Arial",sans-serif;color:#505354;background:#F7F7F7">^application/x-www-form-urlencoded|multipart/form-data|text/xml|application/xml|application/x-amf|application/json|text/plain|application/x-git-upload-pack-request'$'
 against variable </span><span style="font-size:9.0pt;font-family:Consolas;color:#333333;background:#F8F8F8">TX:0' (Value:</span><span style="font-size:10.5pt;font-family:"Arial",sans-serif;color:#505354;background:#F7F7F7">application/x-git-upload-pack-request'
 ) [file "/usr/local/owasp-modsecurity-crs-3.0.0/rules/REQUEST-920-PROTOCOL-ENFORCEMENT.conf"] [line "911"] [id "920420"] [rev "2"] [msg "Request content type is not allowed by policy"] [data "application/x-git-upload-pack-request"] [severity "2"] [ver "OWASP_CRS/3.0.0"]
 [maturity "9"] [accuracy "9"] [tag "application-multi"] [tag "language-multi"] [tag "platform-multi"] [tag "attack-protocol"] [tag "OWASP_CRS/POLICY/ENCODING_NOT_ALLOWED"] [tag "WASCTC/WASC-20"] [tag "OWASP_TOP_10/A1"] [tag "OWASP_AppSensor/EE2"] [tag "PCI/12.1"]
 [hostname "23.100.14.202"] [uri "/ilia.shakitko/pass357.git/git-upload-pack"] [unique_id "153088618260.910992"] [ref "v0,4o0,37o0,37v232,37"]</span><span style="font-size:10.5pt;font-family:"Arial",sans-serif;color:#505354"><br>
<span style="background:#F7F7F7">ModSecurity: Access denied with code 403 (phase 2). Matched "Operator </span></span><span style="font-size:9.0pt;font-family:Consolas;color:#333333;background:#F8F8F8">Ge' with parameter</span><span style="font-size:10.5pt;font-family:"Arial",sans-serif;color:#505354;background:#F7F7F7">5'
 against variable </span><span style="font-size:9.0pt;font-family:Consolas;color:#333333;background:#F8F8F8">TX:ANOMALY_SCORE' (Value:</span><span style="font-size:10.5pt;font-family:"Arial",sans-serif;color:#505354;background:#F7F7F7">5' ) [file "/usr/local/owasp-modsecurity-crs-3.0.0/rules/REQUEST-949-BLOCKING-EVALUATION.conf"]
 [line "36"] [id "949110"] [rev ""] [msg "Inbound Anomaly Score Exceeded (Total Score: 5)"] [data ""] [severity "2"] [ver ""] [maturity "0"] [accuracy "0"] [tag "application-multi"] [tag "language-multi"] [tag "platform-multi"] [tag "attack-generic"] [hostname
 "23.100.14.202"] [uri "/ilia.shakitko/pass357.git/git-upload-pack"] [unique_id "153088618260.910992"] [ref ""]</span><span style="color:black"><o:p></o:p></span></p>
<p class="MsoNormal"><span style="font-size:11.0pt;color:black"> </span><span style="color:black"><o:p></o:p></span></p>
<p class="MsoNormal"><span style="font-size:11.0pt;color:black">What am I doing wrong? And how to win the challenge? Looks like the changes I made should just work…<o:p></o:p></span></p>
<p class="MsoNormal"><span style="font-size:11.0pt;color:black"><o:p> </o:p></span></p>
<p class="MsoNormal"><span style="font-size:11.0pt;color:black">Thank you in advance.</span><span style="color:black"><o:p></o:p></span></p>
<p class="MsoNormal"><span style="font-size:11.0pt;color:black"> </span><span style="color:black"><o:p></o:p></span></p>
<p class="MsoNormal"><span style="font-size:9.0pt;font-family:"Tahoma",sans-serif;color:#6D6D6D">Met vriendelijke groet / With kind regards,</span><span style="color:black"><o:p></o:p></span></p>
<p class="MsoNormal"><span style="font-size:11.0pt;color:#18376A"> </span><span style="color:black"><o:p></o:p></span></p>
<p class="MsoNormal"><b><span style="font-size:14.0pt;font-family:"Calibri Light",sans-serif;color:#6C6C6C">Ilia Shakitko</span></b><span style="color:black"><o:p></o:p></span></p>
<p class="MsoNormal"><span style="color:black"> <o:p></o:p></span></p>
<p class="MsoNormal"><span style="font-size:11.0pt"><o:p> </o:p></span></p>
</div>
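<p class="MsoNormal">Added example, not part of the original message: a small triage script that groups ModSecurity messages by unique_id and reports which rule IDs contributed to a blocked request, which is the first step when tuning a false positive like the one above. The function names <code>parse_line</code> and <code>triage</code> are hypothetical, and the sample log is constructed by shortening the two messages from the post.</p>

```python
import re
from collections import defaultdict

# Constructed sample: the two messages from the post, shortened to the fields
# used here (the quoting lost in the e-mail is not restored).
SAMPLE_LOG = '''\
ModSecurity: Warning. Matched "Operator Rx' against variable TX:0' [file "/usr/local/owasp-modsecurity-crs-3.0.0/rules/REQUEST-920-PROTOCOL-ENFORCEMENT.conf"] [line "911"] [id "920420"] [msg "Request content type is not allowed by policy"] [data "application/x-git-upload-pack-request"] [severity "2"] [uri "/ilia.shakitko/pass357.git/git-upload-pack"] [unique_id "153088618260.910992"]
ModSecurity: Access denied with code 403 (phase 2). Matched "Operator Ge' with parameter 5' against variable TX:ANOMALY_SCORE' [file "/usr/local/owasp-modsecurity-crs-3.0.0/rules/REQUEST-949-BLOCKING-EVALUATION.conf"] [line "36"] [id "949110"] [msg "Inbound Anomaly Score Exceeded (Total Score: 5)"] [data ""] [severity "2"] [uri "/ilia.shakitko/pass357.git/git-upload-pack"] [unique_id "153088618260.910992"]
'''

# Matches the bracketed [key "value"] pairs that follow the message preamble.
FIELD_RE = re.compile(r'\[(\w+) "((?:[^"\\]|\\.)*)"\]')

def parse_line(line):
    """Split one ModSecurity message into its bracketed [key "value"] fields."""
    fields = {"tags": []}
    for key, value in FIELD_RE.findall(line):
        if key == "tag":
            fields["tags"].append(value)  # tag is the only repeated key
        else:
            fields[key] = value
    # The preamble before the first bracket says whether this message blocked.
    fields["denied"] = "Access denied" in line.split("[", 1)[0]
    return fields

def triage(log_text):
    """Group messages by unique_id; report which rules fed each blocked request."""
    by_txn = defaultdict(list)
    for line in log_text.splitlines():
        if line.startswith("ModSecurity:"):
            rec = parse_line(line)
            if "unique_id" in rec and "id" in rec:
                by_txn[rec["unique_id"]].append(rec)
    report = {}
    for txn, recs in by_txn.items():
        blockers = [r for r in recs if r["denied"]]
        if not blockers:
            continue  # request was logged but not blocked
        report[txn] = {
            "uri": blockers[0].get("uri", ""),
            "blocked_by": blockers[0]["id"],
            "contributing": [(r["id"], r.get("msg", ""), r.get("data", ""))
                             for r in recs if not r["denied"]],
        }
    return report

if __name__ == "__main__":
    for txn, info in triage(SAMPLE_LOG).items():
        print(txn, info["uri"], "blocked by", info["blocked_by"], info["contributing"])
```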
</body>
</html>