Common Exception 905100 is broken
_Issue originally created by user dune73 on date 2017-04-15 05:22:54. Link to original issue: https://github.com/SpiderLabs/owasp-modsecurity-crs/issues/734._
The rule reads:
SecRule REQUEST_LINE "@streq GET /" \
This will never trigger as the protocol is missing and @streq is used.
Using **beginsWith** and adding a space after the slash would fix it, BUT we would activate a common exception that would disable ModSec for GET requests from localhost to /, no matter what user-agent or referer or other funny tricks somebody is trying. So if an attacker manages to send a request from localhost …
905110 is similar (and works!)
I suggest we fix 905100 and comment it out.
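Added example (not part of the original issue and not CRS code): a small Python model of the two operator choices discussed above, evaluated over constructed HTTP/1.x requests to show which ones the exception would exempt. The loopback addresses, the sample requests and all function names are assumptions made for illustration.

```python
import ipaddress

# Assumption: "localhost" means the IPv4 and IPv6 loopback addresses.
LOCALHOST = {ipaddress.ip_address("127.0.0.1"), ipaddress.ip_address("::1")}

def streq(value, param):
    """Model of @streq: case-sensitive equality over the whole string."""
    return value == param

def begins_with(value, param):
    """Model of @beginsWith: case-sensitive prefix match."""
    return value.startswith(param)

# The two variants from the issue text: (operator, parameter).
VARIANTS = {
    "current": (streq, "GET /"),          # rule as quoted in the issue
    "proposed": (begins_with, "GET / "),  # beginsWith plus a trailing space
}

def is_exempted(variant, request):
    """True if the modelled exception would apply to this request.
    Only the source address and the request line are consulted, so
    headers such as User-Agent or Referer never influence the result."""
    op, param = VARIANTS[variant]
    local = ipaddress.ip_address(request["remote_addr"]) in LOCALHOST
    return local and op(request["request_line"], param)

# Constructed sample requests (not taken from real traffic).
SAMPLES = [
    {"name": "local-1.0", "remote_addr": "127.0.0.1",
     "request_line": "GET / HTTP/1.0", "user_agent": "health-check"},
    {"name": "local-odd-agent", "remote_addr": "::1",
     "request_line": "GET / HTTP/1.1", "user_agent": "unexpected-client/1.0"},
    {"name": "local-other-path", "remote_addr": "127.0.0.1",
     "request_line": "GET /index.html HTTP/1.1", "user_agent": "health-check"},
    {"name": "remote-root", "remote_addr": "203.0.113.7",
     "request_line": "GET / HTTP/1.1", "user_agent": "health-check"},
]

def exempted(variant):
    """Names of the sample requests the given variant would exempt."""
    return [r["name"] for r in SAMPLES if is_exempted(variant, r)]

if __name__ == "__main__":
    for name in VARIANTS:
        print(f"{name:9s} exempts: {exempted(name)}")
```

With these samples the quoted rule exempts nothing, while the `beginsWith` variant exempts every loopback `GET /` regardless of its headers, which is the scope concern raised in the issue.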
Top GitHub Comments
User ranvis commented on date 2017-05-21 15:33:01:
Hi. For “internal dummy connection” to HTTPS port, it had been changed on Apache 2.2.24 / 2.4.3.
modules/ssl/ssl_engine_io.c of https://github.com/apache/httpd/commit/b67aec5ed5fcb8646a4e81f96625877c1345781f / https://github.com/apache/httpd/commit/7cf9ed008a52579b96741a6af95c7177dc1abd6a
It used to return 400 Bad Request response body without headers because of the protocol HTTP/0.9. hth.
User emphazer commented on date 2017-04-18 18:15:56:
I think that makes sense. Shall I change my PR for 905100 to
And comment it out?