Stuck on an issue?
Lightrun Answers was designed to reduce the constant googling that comes with debugging 3rd party libraries. It collects links to all the places you might be looking at while hunting down a tough bug.
And, if you’re still stuck at the end, we’re happy to hop on a call to see how we can help out.
Update test User-Agent to "OWASP ModSecurity Core Rule Set Test"
See original GitHub issueMotivation
Per comments in #2362 , we should use an uniform User-Agent that doesn’t depend on the version of CRS or others.
Proposed solution
- Change the User-Agent in test to
OWASP ModSecurity Core Rule Set Test - When a particular User-Agent is required by the test itself, add it after a semicolon, example:
libwww-perl; OWASP ModSecurity Core Rule Set Test - Check what to do in the case of
encoded_request: do we want to edit those also?
Additional context
Linked PR.
Issue Analytics
- State:
- Created 2 years ago
- Comments:6 (6 by maintainers)
Top Results From Across the Web
OWASP ModSecurity Core Rule Set
The OWASP ModSecurity Core Rule Set (CRS) is a set of generic attack detection rules for use with ModSecurity or compatible web application...
Read more >Using the OWASP CRS with the NGINX ModSecurity WAF
This chapter explains how to enable and test the Open Web Application Security Project Core Rule Set (OWASP CRS) for use with the...
Read more >Including OWASP ModSecurity Core Rule Set - netnea
What are we doing? We are embedding the OWASP ModSecurity Core Rule Set in our Apache web server and eliminating false alarms.
Read more >CRS rule groups and rules - Azure Web Application Firewall
This is done through rules that are defined based on the OWASP core rule sets 3.2, 3.1, 3.0, or 2.2.9. Rules can be...
Read more >owasp-modsecurity-crs/CHANGES - GitHub
OWASP ModSecurity Core Rule Set (CRS) Project (Official Repository) ... Update regression tests for rules 931110, 931120, 931130 (Simon Studer).
Read more >
Top Related Medium Post
No results found
Top Related StackOverflow Question
No results found
Troubleshoot Live Code
Lightrun enables developers to add logs, metrics and snapshots to live code - no restarts or redeploys required.
Start Free
Top Related Reddit Thread
No results found
Top Related Hackernoon Post
No results found
Top Related Tweet
No results found
Top Related Dev.to Post
No results found
Top Related Hashnode Post
No results found
Ah, gotcha. Thanks.
Changed UA to the official
OWASP ModSecurity Core Rule Set. Luckily, this was an easy sed.