Good to know, thanks for the answers !
Greg
Search found 4 matches
- Mon May 16, 2011 8:30 am
- Forum: Atomicorp Free Modsecurity Rules
- Topic: PHP Code inclusion go through mod sec
- Replies: 6
- Views: 20141
- Tue May 03, 2011 12:54 pm
- Forum: Atomicorp Free Modsecurity Rules
- Topic: PHP Code inclusion go through mod sec
- Replies: 6
- Views: 20141
Re: PHP Code inclusion go through mod sec
I mean don't you have a testing machine with the free delayed rules installed on which you can test this sample php code ? If it is a configuration issue my bad then, but if it is a bug in your free delayed rules, it might be interesting for you to make a fix. Most of the attacks are blocked (xss, r...
- Tue May 03, 2011 5:07 am
- Forum: Atomicorp Free Modsecurity Rules
- Topic: PHP Code inclusion go through mod sec
- Replies: 6
- Views: 20141
Re: PHP Code inclusion go through mod sec
Thanks for the quick answer ! Is there any chance someone could test that trivial code injection with the free ruleset in order to know if it is a real bug or a problem with my config ? It sounds weird to have this kind of attack working even with a free ruleset. My apache's config is a (on purpose)...
- Mon May 02, 2011 12:29 pm
- Forum: Atomicorp Free Modsecurity Rules
- Topic: PHP Code inclusion go through mod sec
- Replies: 6
- Views: 20141
PHP Code inclusion go through mod sec
Hello, I'm currently "benchmarking" gotroot modsec rules for a potential live account in the future. I have downloaded the lastest free rules set and running debian wheesy for the tests. apache2 -v Server version: Apache/2.2.17 (Debian) Server built: Apr 10 2011 18:44:46 With libapache-mod...