From c258e743f20db9b81bfd4a1d1c66498233669689 Mon Sep 17 00:00:00 2001 From: Christian Folini Date: Wed, 10 May 2017 23:36:13 +0200 Subject: [PATCH 1/3] Remove debug rule --- rules/REQUEST-920-PROTOCOL-ENFORCEMENT.conf | 1 - 1 file changed, 1 deletion(-) diff --git a/rules/REQUEST-920-PROTOCOL-ENFORCEMENT.conf b/rules/REQUEST-920-PROTOCOL-ENFORCEMENT.conf index c40091e13..3da0f34d1 100644 --- a/rules/REQUEST-920-PROTOCOL-ENFORCEMENT.conf +++ b/rules/REQUEST-920-PROTOCOL-ENFORCEMENT.conf @@ -497,7 +497,6 @@ SecRule TX:CRS_VALIDATE_UTF8_ENCODING "@eq 1" \ # https://www.checkpoint.com/defense/advisories/public/2007/cpai-2007-201.html # https://github.com/SpiderLabs/owasp-modsecurity-crs/issues/719 # -SecRule REQUEST_URI "(.*)" "msg:'got %{tx.0}',id:22,capture" SecRule REQUEST_URI|REQUEST_BODY "\%u[fF]{2}[0-9a-fA-F]{2}" \ "msg:'Unicode Full/Half Width Abuse Attack Attempt',\ id:920260,\ From a2edf9d75bf07c520878357dc8fa7d37f9f2aaf9 Mon Sep 17 00:00:00 2001 From: Christian Folini Date: Wed, 10 May 2017 23:37:45 +0200 Subject: [PATCH 2/3] Update CHANGES --- CHANGES | 4 ++++ 1 file changed, 4 insertions(+) diff --git a/CHANGES b/CHANGES index 4785b6bcf..4f7400f52 100644 --- a/CHANGES +++ b/CHANGES @@ -5,6 +5,10 @@ or the CRS mailinglist at * https://lists.owasp.org/mailman/listinfo/owasp-modsecurity-core-rule-set +== Version 3.0.2 - 5/FIXME/2017 == + + * Remove debug rule that popped up in 3.0.1 (Christian Folini) + == Version 3.0.1 - 5/9/2017 == * SECURITY: Removed insecure handling of X-Forwarded-For header; From 5ed04f486410b3908f496cb8e24c59998827ef0c Mon Sep 17 00:00:00 2001 From: Chaim Sanders Date: Thu, 11 May 2017 12:15:59 -0400 Subject: [PATCH 3/3] Adding updates for releasing 302 --- crs-setup.conf.example | 4 ++-- rules/REQUEST-900-EXCLUSION-RULES-BEFORE-CRS.conf.example | 2 +- rules/REQUEST-901-INITIALIZATION.conf | 4 ++-- rules/REQUEST-903.9001-DRUPAL-EXCLUSION-RULES.conf | 2 +- rules/REQUEST-903.9002-WORDPRESS-EXCLUSION-RULES.conf | 2 +- rules/REQUEST-905-COMMON-EXCEPTIONS.conf | 2 +- rules/REQUEST-910-IP-REPUTATION.conf | 2 +- rules/REQUEST-911-METHOD-ENFORCEMENT.conf | 2 +- rules/REQUEST-912-DOS-PROTECTION.conf | 2 +- rules/REQUEST-913-SCANNER-DETECTION.conf | 2 +- rules/REQUEST-920-PROTOCOL-ENFORCEMENT.conf | 2 +- rules/REQUEST-921-PROTOCOL-ATTACK.conf | 2 +- rules/REQUEST-930-APPLICATION-ATTACK-LFI.conf | 2 +- rules/REQUEST-931-APPLICATION-ATTACK-RFI.conf | 2 +- rules/REQUEST-932-APPLICATION-ATTACK-RCE.conf | 2 +- rules/REQUEST-933-APPLICATION-ATTACK-PHP.conf | 2 +- rules/REQUEST-941-APPLICATION-ATTACK-XSS.conf | 2 +- rules/REQUEST-942-APPLICATION-ATTACK-SQLI.conf | 2 +- rules/REQUEST-943-APPLICATION-ATTACK-SESSION-FIXATION.conf | 2 +- rules/REQUEST-949-BLOCKING-EVALUATION.conf | 2 +- rules/RESPONSE-950-DATA-LEAKAGES.conf | 2 +- rules/RESPONSE-951-DATA-LEAKAGES-SQL.conf | 2 +- rules/RESPONSE-952-DATA-LEAKAGES-JAVA.conf | 2 +- rules/RESPONSE-953-DATA-LEAKAGES-PHP.conf | 2 +- rules/RESPONSE-954-DATA-LEAKAGES-IIS.conf | 2 +- rules/RESPONSE-959-BLOCKING-EVALUATION.conf | 2 +- rules/RESPONSE-980-CORRELATION.conf | 2 +- rules/RESPONSE-999-EXCLUSION-RULES-AFTER-CRS.conf.example | 2 +- 28 files changed, 30 insertions(+), 30 deletions(-) diff --git a/crs-setup.conf.example b/crs-setup.conf.example index ec96fc031..0466eeec1 100644 --- a/crs-setup.conf.example +++ b/crs-setup.conf.example @@ -1,5 +1,5 @@ # ------------------------------------------------------------------------ -# OWASP ModSecurity Core Rule Set ver.3.0.0 +# OWASP ModSecurity Core Rule Set ver.3.0.2 # Copyright (c) 2006-2016 Trustwave and contributors. All rights reserved. # # The OWASP ModSecurity Core Rule Set is distributed under @@ -771,4 +771,4 @@ SecAction \ nolog,\ pass,\ t:none,\ - setvar:tx.crs_setup_version=300" + setvar:tx.crs_setup_version=302" diff --git a/rules/REQUEST-900-EXCLUSION-RULES-BEFORE-CRS.conf.example b/rules/REQUEST-900-EXCLUSION-RULES-BEFORE-CRS.conf.example index 01e7101f4..c58bea01e 100644 --- a/rules/REQUEST-900-EXCLUSION-RULES-BEFORE-CRS.conf.example +++ b/rules/REQUEST-900-EXCLUSION-RULES-BEFORE-CRS.conf.example @@ -1,5 +1,5 @@ # ------------------------------------------------------------------------ -# OWASP ModSecurity Core Rule Set ver.3.0.0 +# OWASP ModSecurity Core Rule Set ver.3.0.2 # Copyright (c) 2006-2016 Trustwave and contributors. All rights reserved. # # The OWASP ModSecurity Core Rule Set is distributed under diff --git a/rules/REQUEST-901-INITIALIZATION.conf b/rules/REQUEST-901-INITIALIZATION.conf index 5b12b3c26..6eec8ee67 100644 --- a/rules/REQUEST-901-INITIALIZATION.conf +++ b/rules/REQUEST-901-INITIALIZATION.conf @@ -1,5 +1,5 @@ # ------------------------------------------------------------------------ -# OWASP ModSecurity Core Rule Set ver.3.0.0 +# OWASP ModSecurity Core Rule Set ver.3.0.2 # Copyright (c) 2006-2016 Trustwave and contributors. All rights reserved. # # The OWASP ModSecurity Core Rule Set is distributed under @@ -25,7 +25,7 @@ # # Ref: https://github.com/SpiderLabs/ModSecurity/wiki/Reference-Manual#wiki-SecComponentSignature # -SecComponentSignature "OWASP_CRS/3.0.0" +SecComponentSignature "OWASP_CRS/3.0.2" # diff --git a/rules/REQUEST-903.9001-DRUPAL-EXCLUSION-RULES.conf b/rules/REQUEST-903.9001-DRUPAL-EXCLUSION-RULES.conf index c8d841109..40d9bbe4e 100644 --- a/rules/REQUEST-903.9001-DRUPAL-EXCLUSION-RULES.conf +++ b/rules/REQUEST-903.9001-DRUPAL-EXCLUSION-RULES.conf @@ -1,5 +1,5 @@ # ------------------------------------------------------------------------ -# OWASP ModSecurity Core Rule Set ver.3.0.0 +# OWASP ModSecurity Core Rule Set ver.3.0.2 # Copyright (c) 2006-2016 Trustwave and contributors. All rights reserved. # # The OWASP ModSecurity Core Rule Set is distributed under diff --git a/rules/REQUEST-903.9002-WORDPRESS-EXCLUSION-RULES.conf b/rules/REQUEST-903.9002-WORDPRESS-EXCLUSION-RULES.conf index 68196e7b8..c6ca8ec51 100644 --- a/rules/REQUEST-903.9002-WORDPRESS-EXCLUSION-RULES.conf +++ b/rules/REQUEST-903.9002-WORDPRESS-EXCLUSION-RULES.conf @@ -1,5 +1,5 @@ # ------------------------------------------------------------------------ -# OWASP ModSecurity Core Rule Set ver.3.0.0 +# OWASP ModSecurity Core Rule Set ver.3.0.2 # Copyright (c) 2006-2016 Trustwave and contributors. All rights reserved. # # The OWASP ModSecurity Core Rule Set is distributed under diff --git a/rules/REQUEST-905-COMMON-EXCEPTIONS.conf b/rules/REQUEST-905-COMMON-EXCEPTIONS.conf index c4f9c79eb..d11efa692 100644 --- a/rules/REQUEST-905-COMMON-EXCEPTIONS.conf +++ b/rules/REQUEST-905-COMMON-EXCEPTIONS.conf @@ -1,5 +1,5 @@ # ------------------------------------------------------------------------ -# OWASP ModSecurity Core Rule Set ver.3.0.0 +# OWASP ModSecurity Core Rule Set ver.3.0.2 # Copyright (c) 2006-2016 Trustwave and contributors. All rights reserved. # # The OWASP ModSecurity Core Rule Set is distributed under diff --git a/rules/REQUEST-910-IP-REPUTATION.conf b/rules/REQUEST-910-IP-REPUTATION.conf index 73ce0fdfd..218eb3611 100644 --- a/rules/REQUEST-910-IP-REPUTATION.conf +++ b/rules/REQUEST-910-IP-REPUTATION.conf @@ -1,5 +1,5 @@ # ------------------------------------------------------------------------ -# OWASP ModSecurity Core Rule Set ver.3.0.0 +# OWASP ModSecurity Core Rule Set ver.3.0.2 # Copyright (c) 2006-2016 Trustwave and contributors. All rights reserved. # # The OWASP ModSecurity Core Rule Set is distributed under diff --git a/rules/REQUEST-911-METHOD-ENFORCEMENT.conf b/rules/REQUEST-911-METHOD-ENFORCEMENT.conf index ced326d86..793a2a1d8 100644 --- a/rules/REQUEST-911-METHOD-ENFORCEMENT.conf +++ b/rules/REQUEST-911-METHOD-ENFORCEMENT.conf @@ -1,5 +1,5 @@ # ------------------------------------------------------------------------ -# OWASP ModSecurity Core Rule Set ver.3.0.0 +# OWASP ModSecurity Core Rule Set ver.3.0.2 # Copyright (c) 2006-2016 Trustwave and contributors. All rights reserved. # # The OWASP ModSecurity Core Rule Set is distributed under diff --git a/rules/REQUEST-912-DOS-PROTECTION.conf b/rules/REQUEST-912-DOS-PROTECTION.conf index 27633cf6b..37288850d 100644 --- a/rules/REQUEST-912-DOS-PROTECTION.conf +++ b/rules/REQUEST-912-DOS-PROTECTION.conf @@ -1,5 +1,5 @@ # ------------------------------------------------------------------------ -# OWASP ModSecurity Core Rule Set ver.3.0.0 +# OWASP ModSecurity Core Rule Set ver.3.0.2 # Copyright (c) 2006-2016 Trustwave and contributors. All rights reserved. # # The OWASP ModSecurity Core Rule Set is distributed under diff --git a/rules/REQUEST-913-SCANNER-DETECTION.conf b/rules/REQUEST-913-SCANNER-DETECTION.conf index 635b81edf..1f9b2ed08 100644 --- a/rules/REQUEST-913-SCANNER-DETECTION.conf +++ b/rules/REQUEST-913-SCANNER-DETECTION.conf @@ -1,5 +1,5 @@ # ------------------------------------------------------------------------ -# OWASP ModSecurity Core Rule Set ver.3.0.0 +# OWASP ModSecurity Core Rule Set ver.3.0.2 # Copyright (c) 2006-2016 Trustwave and contributors. All rights reserved. # # The OWASP ModSecurity Core Rule Set is distributed under diff --git a/rules/REQUEST-920-PROTOCOL-ENFORCEMENT.conf b/rules/REQUEST-920-PROTOCOL-ENFORCEMENT.conf index 3da0f34d1..24126bae3 100644 --- a/rules/REQUEST-920-PROTOCOL-ENFORCEMENT.conf +++ b/rules/REQUEST-920-PROTOCOL-ENFORCEMENT.conf @@ -1,5 +1,5 @@ # ------------------------------------------------------------------------ -# OWASP ModSecurity Core Rule Set ver.3.0.0 +# OWASP ModSecurity Core Rule Set ver.3.0.2 # Copyright (c) 2006-2016 Trustwave and contributors. All rights reserved. # # The OWASP ModSecurity Core Rule Set is distributed under diff --git a/rules/REQUEST-921-PROTOCOL-ATTACK.conf b/rules/REQUEST-921-PROTOCOL-ATTACK.conf index 2ccd59dd4..361200067 100644 --- a/rules/REQUEST-921-PROTOCOL-ATTACK.conf +++ b/rules/REQUEST-921-PROTOCOL-ATTACK.conf @@ -1,5 +1,5 @@ # ------------------------------------------------------------------------ -# OWASP ModSecurity Core Rule Set ver.3.0.0 +# OWASP ModSecurity Core Rule Set ver.3.0.2 # Copyright (c) 2006-2016 Trustwave and contributors. All rights reserved. # # The OWASP ModSecurity Core Rule Set is distributed under diff --git a/rules/REQUEST-930-APPLICATION-ATTACK-LFI.conf b/rules/REQUEST-930-APPLICATION-ATTACK-LFI.conf index 1c5115829..49b5b0e3b 100644 --- a/rules/REQUEST-930-APPLICATION-ATTACK-LFI.conf +++ b/rules/REQUEST-930-APPLICATION-ATTACK-LFI.conf @@ -1,5 +1,5 @@ # ------------------------------------------------------------------------ -# OWASP ModSecurity Core Rule Set ver.3.0.0 +# OWASP ModSecurity Core Rule Set ver.3.0.2 # Copyright (c) 2006-2016 Trustwave and contributors. All rights reserved. # # The OWASP ModSecurity Core Rule Set is distributed under diff --git a/rules/REQUEST-931-APPLICATION-ATTACK-RFI.conf b/rules/REQUEST-931-APPLICATION-ATTACK-RFI.conf index d2256a67d..ba2f9cc55 100644 --- a/rules/REQUEST-931-APPLICATION-ATTACK-RFI.conf +++ b/rules/REQUEST-931-APPLICATION-ATTACK-RFI.conf @@ -1,5 +1,5 @@ # ------------------------------------------------------------------------ -# OWASP ModSecurity Core Rule Set ver.3.0.0 +# OWASP ModSecurity Core Rule Set ver.3.0.2 # Copyright (c) 2006-2016 Trustwave and contributors. All rights reserved. # # The OWASP ModSecurity Core Rule Set is distributed under diff --git a/rules/REQUEST-932-APPLICATION-ATTACK-RCE.conf b/rules/REQUEST-932-APPLICATION-ATTACK-RCE.conf index b0332603a..2d05f751c 100644 --- a/rules/REQUEST-932-APPLICATION-ATTACK-RCE.conf +++ b/rules/REQUEST-932-APPLICATION-ATTACK-RCE.conf @@ -1,5 +1,5 @@ # ------------------------------------------------------------------------ -# OWASP ModSecurity Core Rule Set ver.3.0.0 +# OWASP ModSecurity Core Rule Set ver.3.0.2 # Copyright (c) 2006-2016 Trustwave and contributors. All rights reserved. # # The OWASP ModSecurity Core Rule Set is distributed under diff --git a/rules/REQUEST-933-APPLICATION-ATTACK-PHP.conf b/rules/REQUEST-933-APPLICATION-ATTACK-PHP.conf index 554721ffa..d331e1ff7 100644 --- a/rules/REQUEST-933-APPLICATION-ATTACK-PHP.conf +++ b/rules/REQUEST-933-APPLICATION-ATTACK-PHP.conf @@ -1,5 +1,5 @@ # ------------------------------------------------------------------------ -# OWASP ModSecurity Core Rule Set ver.3.0.0 +# OWASP ModSecurity Core Rule Set ver.3.0.2 # Copyright (c) 2006-2016 Trustwave and contributors. All rights reserved. # # The OWASP ModSecurity Core Rule Set is distributed under diff --git a/rules/REQUEST-941-APPLICATION-ATTACK-XSS.conf b/rules/REQUEST-941-APPLICATION-ATTACK-XSS.conf index 5b0263990..1af2320e0 100644 --- a/rules/REQUEST-941-APPLICATION-ATTACK-XSS.conf +++ b/rules/REQUEST-941-APPLICATION-ATTACK-XSS.conf @@ -1,5 +1,5 @@ # ------------------------------------------------------------------------ -# OWASP ModSecurity Core Rule Set ver.3.0.0 +# OWASP ModSecurity Core Rule Set ver.3.0.2 # Copyright (c) 2006-2016 Trustwave and contributors. All rights reserved. # # The OWASP ModSecurity Core Rule Set is distributed under diff --git a/rules/REQUEST-942-APPLICATION-ATTACK-SQLI.conf b/rules/REQUEST-942-APPLICATION-ATTACK-SQLI.conf index cba1406b8..013d973f2 100644 --- a/rules/REQUEST-942-APPLICATION-ATTACK-SQLI.conf +++ b/rules/REQUEST-942-APPLICATION-ATTACK-SQLI.conf @@ -1,5 +1,5 @@ # ------------------------------------------------------------------------ -# OWASP ModSecurity Core Rule Set ver.3.0.0 +# OWASP ModSecurity Core Rule Set ver.3.0.2 # Copyright (c) 2006-2016 Trustwave and contributors. All rights reserved. # # The OWASP ModSecurity Core Rule Set is distributed under diff --git a/rules/REQUEST-943-APPLICATION-ATTACK-SESSION-FIXATION.conf b/rules/REQUEST-943-APPLICATION-ATTACK-SESSION-FIXATION.conf index 28a1f40e6..ad5826aa1 100644 --- a/rules/REQUEST-943-APPLICATION-ATTACK-SESSION-FIXATION.conf +++ b/rules/REQUEST-943-APPLICATION-ATTACK-SESSION-FIXATION.conf @@ -1,5 +1,5 @@ # ------------------------------------------------------------------------ -# OWASP ModSecurity Core Rule Set ver.3.0.0 +# OWASP ModSecurity Core Rule Set ver.3.0.2 # Copyright (c) 2006-2016 Trustwave and contributors. All rights reserved. # # The OWASP ModSecurity Core Rule Set is distributed under diff --git a/rules/REQUEST-949-BLOCKING-EVALUATION.conf b/rules/REQUEST-949-BLOCKING-EVALUATION.conf index f8397e67b..361fbfa68 100644 --- a/rules/REQUEST-949-BLOCKING-EVALUATION.conf +++ b/rules/REQUEST-949-BLOCKING-EVALUATION.conf @@ -1,5 +1,5 @@ # ------------------------------------------------------------------------ -# OWASP ModSecurity Core Rule Set ver.3.0.0 +# OWASP ModSecurity Core Rule Set ver.3.0.2 # Copyright (c) 2006-2016 Trustwave and contributors. All rights reserved. # # The OWASP ModSecurity Core Rule Set is distributed under diff --git a/rules/RESPONSE-950-DATA-LEAKAGES.conf b/rules/RESPONSE-950-DATA-LEAKAGES.conf index 40aff8f70..6970c4134 100644 --- a/rules/RESPONSE-950-DATA-LEAKAGES.conf +++ b/rules/RESPONSE-950-DATA-LEAKAGES.conf @@ -1,5 +1,5 @@ # ------------------------------------------------------------------------ -# OWASP ModSecurity Core Rule Set ver.3.0.0 +# OWASP ModSecurity Core Rule Set ver.3.0.2 # Copyright (c) 2006-2016 Trustwave and contributors. All rights reserved. # # The OWASP ModSecurity Core Rule Set is distributed under diff --git a/rules/RESPONSE-951-DATA-LEAKAGES-SQL.conf b/rules/RESPONSE-951-DATA-LEAKAGES-SQL.conf index c0a911e62..4430ba585 100644 --- a/rules/RESPONSE-951-DATA-LEAKAGES-SQL.conf +++ b/rules/RESPONSE-951-DATA-LEAKAGES-SQL.conf @@ -1,5 +1,5 @@ # ------------------------------------------------------------------------ -# OWASP ModSecurity Core Rule Set ver.3.0.0 +# OWASP ModSecurity Core Rule Set ver.3.0.2 # Copyright (c) 2006-2016 Trustwave and contributors. All rights reserved. # # The OWASP ModSecurity Core Rule Set is distributed under diff --git a/rules/RESPONSE-952-DATA-LEAKAGES-JAVA.conf b/rules/RESPONSE-952-DATA-LEAKAGES-JAVA.conf index c7ceeeefb..729a8d3e9 100644 --- a/rules/RESPONSE-952-DATA-LEAKAGES-JAVA.conf +++ b/rules/RESPONSE-952-DATA-LEAKAGES-JAVA.conf @@ -1,5 +1,5 @@ # ------------------------------------------------------------------------ -# OWASP ModSecurity Core Rule Set ver.3.0.0 +# OWASP ModSecurity Core Rule Set ver.3.0.2 # Copyright (c) 2006-2016 Trustwave and contributors. All rights reserved. # # The OWASP ModSecurity Core Rule Set is distributed under diff --git a/rules/RESPONSE-953-DATA-LEAKAGES-PHP.conf b/rules/RESPONSE-953-DATA-LEAKAGES-PHP.conf index 2a010f79b..8f0fe9ff0 100644 --- a/rules/RESPONSE-953-DATA-LEAKAGES-PHP.conf +++ b/rules/RESPONSE-953-DATA-LEAKAGES-PHP.conf @@ -1,5 +1,5 @@ # ------------------------------------------------------------------------ -# OWASP ModSecurity Core Rule Set ver.3.0.0 +# OWASP ModSecurity Core Rule Set ver.3.0.2 # Copyright (c) 2006-2016 Trustwave and contributors. All rights reserved. # # The OWASP ModSecurity Core Rule Set is distributed under diff --git a/rules/RESPONSE-954-DATA-LEAKAGES-IIS.conf b/rules/RESPONSE-954-DATA-LEAKAGES-IIS.conf index f4d1b2ec4..7dcb451f4 100644 --- a/rules/RESPONSE-954-DATA-LEAKAGES-IIS.conf +++ b/rules/RESPONSE-954-DATA-LEAKAGES-IIS.conf @@ -1,5 +1,5 @@ # ------------------------------------------------------------------------ -# OWASP ModSecurity Core Rule Set ver.3.0.0 +# OWASP ModSecurity Core Rule Set ver.3.0.2 # Copyright (c) 2006-2016 Trustwave and contributors. All rights reserved. # # The OWASP ModSecurity Core Rule Set is distributed under diff --git a/rules/RESPONSE-959-BLOCKING-EVALUATION.conf b/rules/RESPONSE-959-BLOCKING-EVALUATION.conf index 07efb81eb..cd8cd4050 100644 --- a/rules/RESPONSE-959-BLOCKING-EVALUATION.conf +++ b/rules/RESPONSE-959-BLOCKING-EVALUATION.conf @@ -1,5 +1,5 @@ # ------------------------------------------------------------------------ -# OWASP ModSecurity Core Rule Set ver.3.0.0 +# OWASP ModSecurity Core Rule Set ver.3.0.2 # Copyright (c) 2006-2016 Trustwave and contributors. All rights reserved. # # The OWASP ModSecurity Core Rule Set is distributed under diff --git a/rules/RESPONSE-980-CORRELATION.conf b/rules/RESPONSE-980-CORRELATION.conf index 1a127f570..4392fb8c2 100644 --- a/rules/RESPONSE-980-CORRELATION.conf +++ b/rules/RESPONSE-980-CORRELATION.conf @@ -1,5 +1,5 @@ # ------------------------------------------------------------------------ -# OWASP ModSecurity Core Rule Set ver.3.0.0 +# OWASP ModSecurity Core Rule Set ver.3.0.2 # Copyright (c) 2006-2016 Trustwave and contributors. All rights reserved. # # The OWASP ModSecurity Core Rule Set is distributed under diff --git a/rules/RESPONSE-999-EXCLUSION-RULES-AFTER-CRS.conf.example b/rules/RESPONSE-999-EXCLUSION-RULES-AFTER-CRS.conf.example index bce530371..74a764c97 100644 --- a/rules/RESPONSE-999-EXCLUSION-RULES-AFTER-CRS.conf.example +++ b/rules/RESPONSE-999-EXCLUSION-RULES-AFTER-CRS.conf.example @@ -1,5 +1,5 @@ # ------------------------------------------------------------------------ -# OWASP ModSecurity Core Rule Set ver.3.0.0 +# OWASP ModSecurity Core Rule Set ver.3.0.2 # Copyright (c) 2006-2016 Trustwave and contributors. All rights reserved. # # The OWASP ModSecurity Core Rule Set is distributed under