This site is the archived OWASP Foundation Wiki and is no longer accepting Account Requests.
To view the new OWASP Foundation website, please visit https://owasp.org
Difference between revisions of "Projects/OWASP ModSecurity Core Rule Set Project/Releases/ModSecurity 2.1.2"
From OWASP
(Created page with "{{Template: <includeonly>{{{1}}}</includeonly><noinclude>Release About</noinclude> | project_name = OWASP ModSecurity Core Rule Set Project | project_home_page = :Category:OWASP ...") |
|||
Line 4: | Line 4: | ||
| release_name = ModSecurity 2.1.2 | | release_name = ModSecurity 2.1.2 | ||
− | | release_date = | + | | release_date = 02/17/2011 |
− | | release_description | + | | release_description = |
+ | *Improvements: | ||
+ | - Added experimental real-time application profiling ruleset. | ||
+ | - Added experimental Lua script for profiling the # of page scripts, iframes, etc.. which will help to identify successful XSS attacks and planting of malware links. | ||
+ | - Added new CSRF detection rule which will trigger if a subsequent request comes too quickly (need to use the Ignore Static Content rules). | ||
+ | |||
+ | *Bug Fixes: | ||
+ | - Added missing " in the skipAfter SecAction in the CC Detection rule set | ||
+ | |||
| release_license = [http://www.gnu.org/licenses/old-licenses/gpl-2.0.html GNU General Public License - Version 2.0] | | release_license = [http://www.gnu.org/licenses/old-licenses/gpl-2.0.html GNU General Public License - Version 2.0] | ||
− | | release_download_link = | + | | release_download_link = http://sourceforge.net/projects/mod-security/files/modsecurity-crs/0-CURRENT/modsecurity-crs_2.1.2.zip/download |
| leader_name1 = Ryan Barnett | | leader_name1 = Ryan Barnett |
Revision as of 20:43, 15 March 2011
back to project home page
what | is this release? |
---|---|
ModSecurity 2.1.2 - 02/17/2011 - (download) | |
Release Description:
- Added experimental real-time application profiling ruleset. - Added experimental Lua script for profiling the # of page scripts, iframes, etc.. which will help to identify successful XSS attacks and planting of malware links. - Added new CSRF detection rule which will trigger if a subsequent request comes too quickly (need to use the Ignore Static Content rules).
- Added missing " in the skipAfter SecAction in the CC Detection rule set | |
Release License: GNU General Public License - Version 2.0 | |
who | worked on this release? |
Release Leader(s): | |
how | can you learn more? |
Release Notes: View | |
Release Rating: Not Reviewed - Assessment Details | |
Key Contacts | |
|