Comments (6)
User rcbarnett-zz commented on date 2012-12-19 19:32:07:
Most distribution packagers have upgraded to v2.7.x. What distro repo are you using?
from coreruleset.
User sathieu commented on date 2012-12-19 20:14:12:
I use Debian. Debian stable (squeeze) has 2.5.12, and incoming stable (wheezy) has 2.6.6 (See http://packages.debian.org/search?keywords=mod-security&searchon=names&suite=all§ion=all).
I will probably write a script that remove all those new actions ("maturity" and "accuracy") and hope it is enough.
Anyway, having a too strong relation between the mod_security engine and the CRS makes upgrade sharder. We previously had to migrate to mod_sec 2.6 because of a new CRS release depending on it, and then old CRS was not working anymore with this new engine (syntax errors). As such we had to migrate all our vhosts to the newest CRS which brought a lot of new false positive. This was a lot of pain.
from coreruleset.
User choffee commented on date 2013-02-21 18:09:57:
The same is true for Ubuntu LTS
http://packages.ubuntu.com/precise-updates/libapache2-modsecurity
Looks like they will be around for a bit. Is there some way things like fixed regex's could be backported to a stable repo?
from coreruleset.
User eilandert commented on date 2013-06-16 23:03:13:
https://launchpad.net/~team-mayhem/+archive/ppa has up2date modsecurity packages, for ubuntu anyway
from coreruleset.
User rcbarnett-zz commented on date 2013-07-01 17:46:41:
Added script from sathieu to remove v2.7 actions for use with older ModSecurity installs -
from coreruleset.
User sathieu commented on date 2013-07-02 15:02:16:
Thank you.
from coreruleset.
Related Issues (20)
- Finish updating the changelog file for the v4 release HOT 6
- .changes-pending.md lacks space before asterisk
- user cannot upload files HOT 2
- False positive? HOT 8
- Detect RCE in User-Agent header (was 932200)
- False positives for 932260 with POST parameters starting with axel HOT 9
- Document rule exclusion pkg to plugin migration from CRS3 to CRS4 in separate blog post
- Linter should check that all rules have the correct CRS tag and version HOT 2
- Why use lowercase and (?i) simultaneously in the rules? HOT 8
- False positives for 932260 with cron
- Lint rule to check for unnecessary `lowercase` transformations HOT 8
- CRS4 Wordpress plugin all I need for wordpress, because it's missing rule exclusions from crs3.4? HOT 6
- Versioning clarification HOT 1
- Rule exclusions for dynamically changing sections of home page not working. Please help a noob with Rule Exclusions! Site is live! HOT 18
- False positive for Adobe Reader submissions HOT 2
- URL TLD being mistaken for file extension HOT 2
- coraza-caddy is working on sandbox ? HOT 1
- Windows defender flagging RESPONSE-955-WEB-SHELLS.conf as malware Backdoor:PHP/Dirtelti.MTJ HOT 8
- Help needed: Content-Type with extra characters can't be parsed? HOT 6
- Removal of severity from blocking rules leads to CrowdSec hiccoughs when running CRS4 HOT 2
Recommend Projects
-
React
A declarative, efficient, and flexible JavaScript library for building user interfaces.
-
Vue.js
🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
-
Typescript
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
-
TensorFlow
An Open Source Machine Learning Framework for Everyone
-
Django
The Web framework for perfectionists with deadlines.
-
Laravel
A PHP framework for web artisans
-
D3
Bring data to life with SVG, Canvas and HTML. 📊📈🎉
-
Recommend Topics
-
javascript
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
-
web
Some thing interesting about web. New door for the world.
-
server
A server is a program made to process requests and deliver data to clients.
-
Machine learning
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
-
Visualization
Some thing interesting about visualization, use data art
-
Game
Some thing interesting about game, make everyone happy.
Recommend Org
-
Facebook
We are working to build community through open source technology. NB: members must have two-factor auth.
-
Microsoft
Open source projects and samples from Microsoft.
-
Google
Google ❤️ Open Source for everyone.
-
Alibaba
Alibaba Open Source for everyone
-
D3
Data-Driven Documents codes.
-
Tencent
China tencent open source team.
from coreruleset.