Ecosyste.ms: Issues
An open API service for providing issue and pull request metadata for open source projects.
GitHub / SpiderLabs/ModSecurity issues and pull requests
#3036 - Feature: Can we have a basic benchmark report graph in the README
Issue -
State: open - Opened by singchia about 1 year ago
#3035 - lua m.log(2, "4444") where is the log message?
Issue -
State: open - Opened by leveryd about 1 year ago
#3034 - Is the v3 version compatible with the owasp rules of the v2 version
Issue -
State: closed - Opened by tiankanghello about 1 year ago
- 1 comment
#3033 - modsecurity.org is not available: 502 Proxy Error
Issue -
State: closed - Opened by Daijobou about 1 year ago
- 1 comment
#3032 - Detailed error message when writing collections
Pull Request -
State: open - Opened by marcstern about 1 year ago
#3031 - After modsecurity is enabled on nginx, a large number of TCP connections in the CLOSE-WAIT state will be generated
Issue -
State: closed - Opened by Langgeligelang about 1 year ago
- 5 comments
#3030 - Body response is not logged for some requests
Issue -
State: closed - Opened by tigrouind about 1 year ago
- 2 comments
#3029 - After using WAF forwarding, the custom header "authorization_bar" is missing
Issue -
State: closed - Opened by net-lin-dev about 1 year ago
- 2 comments
#3028 - How to reduce FPs from Request Missing an Accept Header (9200300) rule in the Azure Web Application Gateway (WAF)?
Issue -
State: closed - Opened by JacobChua12345 about 1 year ago
- 5 comments
#3027 - Fix a small comment spell
Pull Request -
State: open - Opened by StarryVae about 1 year ago
#3026 - Modsecurity audit log (JSON) - messages field structure
Issue -
State: closed - Opened by donatasiv about 1 year ago
- 1 comment
Labels: 2.x
#3025 - fix missing libxml2 headers
Pull Request -
State: closed - Opened by pgnd about 1 year ago
- 2 comments
#3024 - Add WRDE_NOCMD to wordexp call
Pull Request -
State: closed - Opened by martinhsv about 1 year ago
#3023 - Compilation failing with libxml-related errors (with libxml 2.12.0 - 2.12.2)
Issue -
State: closed - Opened by Marcool04 about 1 year ago
- 7 comments
#3022 - SecRequestBodyAccess Off is still loading request body in memory
Issue -
State: open - Opened by cerebox about 1 year ago
- 3 comments
#3021 - Filter User Agent by the word 'bot' and whitelist
Issue -
State: closed - Opened by AngelSamuel about 1 year ago
- 2 comments
#3020 - V2/mst/log coll key2
Pull Request -
State: closed - Opened by marcstern about 1 year ago
- 1 comment
#3019 - Log involved collection key in case of DBM write error
Pull Request -
State: closed - Opened by marcstern about 1 year ago
- 1 comment
#3018 - Skip XML element from mod sec rule scanning from xml payload
Issue -
State: closed - Opened by vsharm22 about 1 year ago
- 2 comments
#3017 - Memory leak in ModSecurity library at seclang-parser.yy while loading ruleset
Issue -
State: closed - Opened by atulkaushik22 about 1 year ago
- 1 comment
#3016 - fix: makes uri decode platform independent
Pull Request -
State: open - Opened by M4tteoP about 1 year ago
#3015 - [Question] Modsecurity metrics
Issue -
State: closed - Opened by Norsu296 about 1 year ago
- 3 comments
#3014 - Fix: validateDTD compile fails if when libxml2 not installed
Pull Request -
State: closed - Opened by martinhsv about 1 year ago
#3013 - Cannot compile latest 3.0.10 on macOS Sonoma (M1)
Issue -
State: closed - Opened by zangobot about 1 year ago
- 6 comments
#3012 - ctl:ruleRemoveByTag isn't executed if no rule id is present in the rule
Pull Request -
State: open - Opened by marcstern about 1 year ago
- 4 comments
Labels: 2.x
#3011 - removeByTag isn't executed if no rule id is present in the rule
Pull Request -
State: closed - Opened by marcstern about 1 year ago
- 1 comment
#3010 - Performance enhancement calling expand_macros()
Issue -
State: open - Opened by marcstern about 1 year ago
- 1 comment
#3009 - Suppress useless loop on tag matching
Pull Request -
State: open - Opened by marcstern about 1 year ago
#3008 - Fix memory leak of validateDTD's dtd object
Pull Request -
State: closed - Opened by martinhsv over 1 year ago
#3007 - 408 http code generated by mod_reqtimeout is not detected
Issue -
State: open - Opened by ShaiMagal over 1 year ago
- 11 comments
Labels: 2.x
#3006 - Mask the PII in response
Issue -
State: closed - Opened by shubhagarwal14 over 1 year ago
- 1 comment
#3005 - Fix memory leaks in ValidateSchema
Pull Request -
State: closed - Opened by martinhsv over 1 year ago
#3004 - Optimization: Avoid last loop and storing an empty value in case nothing after last %{..} macro
Pull Request -
State: open - Opened by marcstern over 1 year ago
#3003 - Ignore (consistently) empty actions
Pull Request -
State: open - Opened by marcstern over 1 year ago
#3002 - New Feature: Length of different parameters of the request
Issue -
State: closed - Opened by shubhagarwal14 over 1 year ago
- 4 comments
#3001 - V3/dev/action expirevar
Pull Request -
State: closed - Opened by martinhsv over 1 year ago
#3000 - ModSecurity always log our "400" request ?
Issue -
State: closed - Opened by guldil over 1 year ago
- 10 comments
#2999 - Allow to store only the length of ARGS values in ARGS_COMBINED_SIZE
Pull Request -
State: closed - Opened by marcstern over 1 year ago
- 6 comments
#2998 - Question about rule syntax
Issue -
State: closed - Opened by marcogiorgio over 1 year ago
- 4 comments
#2997 - Add context info to error message
Pull Request -
State: open - Opened by marcstern over 1 year ago
#2996 - Allow lua version 5.4
Pull Request -
State: closed - Opened by martinhsv over 1 year ago
- 1 comment
Labels: 2.x
#2995 - [Help] `SecAuditLogType HTTPS` is only suport with `SecAuditLogFormat JSON`?
Issue -
State: closed - Opened by actanble over 1 year ago
- 2 comments
#2994 - Implement msre_action_phase_validate()
Pull Request -
State: open - Opened by marcstern over 1 year ago
#2993 - Removed redundant processing for "sanitizeXXX" actions
Pull Request -
State: open - Opened by marcstern over 1 year ago
#2992 - Avoid some useless code and memory allocation in case no macro is present
Pull Request -
State: open - Opened by marcstern over 1 year ago
#2991 - IIS multiple response headers with the same name
Issue -
State: open - Opened by Rtw915 over 1 year ago
- 7 comments
#2990 - IIS ARR RESPONSE_HEADERS:Set-Cookie missing
Issue -
State: closed - Opened by Rtw915 over 1 year ago
- 1 comment
#2989 - Add support for lua 5.4; remove curl deprecation
Issue -
State: closed - Opened by 3eka over 1 year ago
- 4 comments
Labels: 2.x, 2.x - mlogc
#2988 - cannot upload files such as .jpg, .jpeg, .png, .pdf, .doc
Issue -
State: closed - Opened by nuroji over 1 year ago
- 9 comments
#2987 - 'jit' variable not initialized when WITH_PCRE2 is defined
Pull Request -
State: open - Opened by marcstern over 1 year ago
- 2 comments
#2986 - SecRuleRemoveById inside Apache virtual host
Issue -
State: closed - Opened by mirawara over 1 year ago
- 3 comments
#2985 - Fix: lmdb regex match on non-null-terminated string
Pull Request -
State: closed - Opened by martinhsv over 1 year ago
#2984 - Will ModSecurity continue to be developed by SpiderLabs after Tustwave's support ends?
Issue -
State: closed - Opened by kkaneko1213 over 1 year ago
- 10 comments
#2983 - Fix memory leaks in lmdb code (new'd strings)
Pull Request -
State: closed - Opened by martinhsv over 1 year ago
- 1 comment
#2982 - Is nginx 1.24 incompatible with 3.0.10?
Issue -
State: closed - Opened by xujili8691 over 1 year ago
- 2 comments
#2981 - update the wiki page for SecRuleRemoveByID
Issue -
State: closed - Opened by Guiteguit over 1 year ago
- 4 comments
#2980 - build: don't directly use the .libs directory
Pull Request -
State: open - Opened by orbea over 1 year ago
- 1 comment
#2979 - rsub Not supported in v3.x?
Issue -
State: closed - Opened by swzaaaaaaa over 1 year ago
- 2 comments
#2978 - nginx centos 7
Issue -
State: closed - Opened by koteshr-tml over 1 year ago
- 1 comment
#2977 - Fix infinite loop bug from static analysis.
Pull Request -
State: closed - Opened by bhawikagupta over 1 year ago
- 2 comments
#2976 - multiple reload of page cause intervention to be disruptive on favicon.ico
Issue -
State: closed - Opened by ampminfo over 1 year ago
- 3 comments
#2975 - Configure: do not check for pcre1 if pcre2 requested
Pull Request -
State: closed - Opened by martinhsv over 1 year ago
- 8 comments
Labels: 2.x
#2974 - Modsecurity v3 lua script
Issue -
State: closed - Opened by Grayl1 over 1 year ago
- 1 comment
#2973 - Invalid PCRE2 JiT check
Issue -
State: open - Opened by marcstern over 1 year ago
- 4 comments
Labels: 2.x
#2972 - PCRE2 performance
Issue -
State: open - Opened by marcstern over 1 year ago
#2971 - Update verify_ssn.cc to fix new format
Pull Request -
State: open - Opened by jakubsuchy over 1 year ago
#2970 - verifySSN: Area code can be larger than 740
Issue -
State: open - Opened by jakubsuchy over 1 year ago
- 1 comment
#2969 - Double memory allocation
Pull Request -
State: open - Opened by marcstern over 1 year ago
Labels: 2.x
#2968 - ; incorrectly replaced by space in cmdline
Pull Request -
State: open - Opened by marcstern over 1 year ago
#2967 - V2/mst/log noid
Pull Request -
State: closed - Opened by marcstern over 1 year ago
- 2 comments
#2966 - PCRE2 support still requires PCRE1
Issue -
State: closed - Opened by zhaoshikui over 1 year ago
- 7 comments
Labels: 2.x
#2965 - Fix for issue 2849
Pull Request -
State: closed - Opened by marcstern over 1 year ago
- 1 comment
#2964 - Macro expansion for ruleRemoveTargetByTag & ruleRemoveTargetByMsg
Pull Request -
State: open - Opened by marcstern over 1 year ago
#2963 - Fix for DEBUG_CONF compile flag
Pull Request -
State: open - Opened by marcstern over 1 year ago
#2962 - Macro expansion for ruleRemoveTargetByTag & ruleRemoveTargetByMsg
Pull Request -
State: closed - Opened by marcstern over 1 year ago
#2961 - Fix for DEBUG_CONF flag
Pull Request -
State: closed - Opened by marcstern over 1 year ago
#2960 - Fixed 2 memory leaks
Pull Request -
State: open - Opened by marcstern over 1 year ago
#2959 - Fix for remaining of PR2263
Pull Request -
State: closed - Opened by marcstern over 1 year ago
#2958 - Check return code of apr_procattr_io_set()
Pull Request -
State: closed - Opened by marcstern over 1 year ago
- 1 comment
Labels: 2.x
#2957 - Compatibility with libyajl decoding the buffer inline
Pull Request -
State: open - Opened by marcstern over 1 year ago
#2956 - Centralized function to get user name
Pull Request -
State: open - Opened by marcstern over 1 year ago
#2955 - Handle capture as tx.1=char in validateByteRange
Pull Request -
State: open - Opened by marcstern over 1 year ago
- 5 comments
Labels: 2.x
#2954 - remove useless memset
Pull Request -
State: open - Opened by marcstern over 1 year ago
#2953 - remove useless apr_pstrdup()
Pull Request -
State: open - Opened by marcstern over 1 year ago
#2952 - Expand macros in ruleRemoveTargetByMsg & ruleRemoveTargetByTag
Pull Request -
State: closed - Opened by marcstern over 1 year ago
- 1 comment
#2951 - Allow multiple digits in sanitizeMatchedBytes
Pull Request -
State: open - Opened by marcstern over 1 year ago
- 2 comments
Labels: 2.x
#2950 - Logging enhancement: in case of no id, show file info
Pull Request -
State: open - Opened by marcstern over 1 year ago
#2949 - Regex in setvar variables (issues 2927)
Pull Request -
State: open - Opened by marcstern over 1 year ago
#2948 - Remove redundant tags (and actions)
Pull Request -
State: closed - Opened by marcstern over 1 year ago
- 3 comments
#2947 - status 400 instead of 500 on XML/JSON parsing error
Pull Request -
State: open - Opened by marcstern over 1 year ago
#2946 - Fix for https://github.com/SpiderLabs/ModSecurity/issues/610
Pull Request -
State: open - Opened by marcstern over 1 year ago
#2945 - Support for "filename*" in multipart (precedence over "filename")
Pull Request -
State: closed - Opened by marcstern over 1 year ago
- 6 comments
Labels: 2.x
#2944 - Support for "filename*" in multipart (precedence over "filename")
Pull Request -
State: closed - Opened by marcstern over 1 year ago
- 1 comment
#2943 - IIS modsecurity lets encrypt extensionless verification
Issue -
State: closed - Opened by zvekan over 1 year ago
- 2 comments
#2942 - Cross-Compatible JSON Body Exclusion Ruleset for Different ModSecurity Versions
Issue -
State: open - Opened by theMiddleBlue over 1 year ago
- 2 comments
#2941 - https://github.com/SpiderLabs/ModSecurity/issues/533
Pull Request -
State: open - Opened by marcstern over 1 year ago
#2940 - V2/mst/nullcheck
Pull Request -
State: open - Opened by marcstern over 1 year ago
#2939 - Configure: add additional name to pcre2 pkg-config list
Pull Request -
State: closed - Opened by martinhsv over 1 year ago
- 1 comment
#2938 - how correspondence between modsecurity phase(1--5) and nginx phase(1--11)?
Issue -
State: closed - Opened by successjian over 1 year ago
- 2 comments
#2937 - connection between modsecurity and core rule set
Issue -
State: closed - Opened by sushmakummari over 1 year ago
- 1 comment