-
Notifications
You must be signed in to change notification settings - Fork 1.6k
Issues: owasp-modsecurity/ModSecurity
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Author
Label
Projects
Milestones
Assignee
Sort
Issues list
Unicode encoding (table) problem on engine level leading to CRS false positives (U+062F and U+D8AF resolving to slash)
2.x
Related to ModSecurity version 2.x
3.x
Related to ModSecurity version 3.x
#3294
opened Nov 4, 2024 by
dune73
Segment error occurs after calling msc_set_log_cb set callback function
#3292
opened Nov 1, 2024 by
dkwang2024
How to Add UNIQUE_ID to Response Headers?
3.x
Related to ModSecurity version 3.x
#3290
opened Oct 30, 2024 by
meguoe
using iptables marks or ipsets
2.x
Related to ModSecurity version 2.x
#3289
opened Oct 29, 2024 by
f1-outsourcing
Custom Response Body Rule Not Blocking for Responses Larger Than 1KB
3.x
Related to ModSecurity version 3.x
#3282
opened Oct 18, 2024 by
Dr-Lazarus-V2
setvar never increments
3.x
Related to ModSecurity version 3.x
#3278
opened Oct 15, 2024 by
sharmashivanand
Building ModSecurity Dynamic Module: Should I use ./configure --with-pcre2 for libmodsecurity and Nginx Connector?
3.x
Related to ModSecurity version 3.x
#3277
opened Oct 15, 2024 by
Danrancan
Building from (Which) Source. Compilation recipe's instructions using outdate (SpiderLabs) URL's. On Purpose?
3.x
Related to ModSecurity version 3.x
#3276
opened Oct 15, 2024 by
Danrancan
SSL cert entry logs are not present in /var/logs/modsec_auddit.log file.
3.x
Related to ModSecurity version 3.x
#3272
opened Oct 9, 2024 by
vivekch0976
ModSecurity Audit Logs Showing Numeric Severity Instead of String Defined in Rules and Incorrect Severity Mapping
3.x
Related to ModSecurity version 3.x
#3271
opened Oct 8, 2024 by
rohithmulka
Inconsistent use of SecArgumentsLimit in Recommended Rules
2.x
Related to ModSecurity version 2.x
config
Related to default config
#3261
opened Sep 25, 2024 by
studersi
Escape double quotation mark character in non-regex operator
3.x
Related to ModSecurity version 3.x
bug
It is a confirmed bug
#3252
opened Sep 10, 2024 by
capy3ra
An error occurred when compiling and installing modsecurity
3.x
Related to ModSecurity version 3.x
#3242
opened Aug 27, 2024 by
yancong303
rx: regex error 'MATCH_LIMIT' for pattern
3.x
Related to ModSecurity version 3.x
#3237
opened Aug 23, 2024 by
Lathanderjk
Review and document multi-threading support and limitations
3.x
Related to ModSecurity version 3.x
#3215
opened Aug 7, 2024 by
eduar-hte
libModSecurity3: all triggered rule IDs sometimes won't be logged with anomaly scoring
3.x
Related to ModSecurity version 3.x
bug
It is a confirmed bug
#3204
opened Aug 2, 2024 by
EsadCetiner
Discussion about 'hostname' field in log
3.x
Related to ModSecurity version 3.x
#3200
opened Jul 29, 2024 by
airween
[BUG] multiMatch lead to unexpected match
3.x
Related to ModSecurity version 3.x
bug
It is a confirmed bug
#3183
opened Jul 15, 2024 by
leveryd
No error log if noauditlog is set
3.x
Related to ModSecurity version 3.x
bug
It is a confirmed bug
#3180
opened Jul 8, 2024 by
Rapsody09
Discussion of the new XML processing feature
2.x
Related to ModSecurity version 2.x
#3178
opened Jun 28, 2024 by
airween
[modsecurity.conf-recommended] align processing on request & response for json
2.x
Related to ModSecurity version 2.x
config
Related to default config
#3175
opened Jun 24, 2024 by
fzipi
Problem about proxy action
2.x
Related to ModSecurity version 2.x
Platform - Apache
#3170
opened Jun 12, 2024 by
prince-java
Assistance Required with ModSecurity Rule Compatibility for OpenLiteSpeed
3.x
Related to ModSecurity version 3.x
help wanted
#3169
opened Jun 9, 2024 by
admiral504
Previous Next
ProTip!
Mix and match filters to narrow down what you’re looking for.