New TAG for each ruleset file
Motivation
Sometimes I need to exclude a whole CRS ruleset file (included in the main modsecurity.conf) just when a certain condition occurs. For example, when 2 different websites share the same modsecurity.conf but need two completely different configurations.
Proposed solution
Add a tag to each rule in the same ruleset file that could be used to remove them “on the fly”. For example:
- all rules in REQUEST-912-DOS-PROTECTION.conf have the tag file-request-dos-protection
- all rules in REQUEST-930-APPLICATION-ATTACK-LFI.conf have the tag file-request-application-attack-lfi
- etc…
Alternatives
Or just set a tag based on the rules' prefix number, something like:
- all rules in REQUEST-912-DOS-PROTECTION.conf have the tag request-912
- all rules in REQUEST-930-APPLICATION-ATTACK-LFI.conf have the tag request-930
- etc…

If you all agree, I can send a PR.
Issue Analytics
- State:
- Created 3 years ago
- Reactions:1
- Comments:12 (11 by maintainers)
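How the per-file tag proposed in the issue could be used for the two-websites case, as an added example that is not part of the original issue or of the CRS project's code. The hostname, both rule ids and the stand-in rule are constructed placeholders; only the tag name and the file name come from the issue.

```apache
# Runtime exclusion (constructed). It has to be loaded before the CRS rule
# files, because ctl: only affects rules evaluated later in the transaction.
# Assumption: site-b.example is the site that must not get the DoS rules.
SecRule REQUEST_HEADERS:Host "@streq site-b.example" \
    "id:1000,\
    phase:1,\
    pass,\
    nolog,\
    ctl:ruleRemoveByTag=file-request-dos-protection"

# Stand-in for a rule from REQUEST-912-DOS-PROTECTION.conf carrying the
# proposed tag. The id and the match condition are placeholders, not a real
# CRS rule. With the alternative naming the tag would be 'request-912'.
SecRule REQUEST_URI "@beginsWith /placeholder" \
    "id:999912,\
    phase:1,\
    pass,\
    nolog,\
    tag:'file-request-dos-protection'"
```

The Host header is supplied by the client, so an exclusion keyed on it is only as trustworthy as the virtual-host routing in front of the WAF.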
Top GitHub Comments
Awesome plan. Let’s talk about a good placement at the next project chat (-> add to agenda)
Thanks to @airween's msc_pyparser module, I’ve created a script to append, rename or remove tags from rules in a file (if someone needs it I can push it somewhere):
How about adding a short tag like (req|res)-<3 digit id>?