This site is the archived OWASP Foundation Wiki and is no longer accepting Account Requests.
To view the new OWASP Foundation website, please visit https://owasp.org
Category:OWASP ModSecurity Core Rule Set Project - ModSecurity 2.1.2 - Notes
From OWASP
- Improvements:
- Added experimental real-time application profiling ruleset. - Added experimental Lua script for profiling the # of page scripts, iframes, etc.. which will help to identify successful XSS attacks and planting of malware links. - Added new CSRF detection rule which will trigger if a subsequent request comes too quickly (need to use the Ignore Static Content rules).
- Bug Fixes:
- Added missing " in the skipAfter SecAction in the CC Detection rule set.
This category currently contains no pages or media.