[ Not sure my first try posting made it through, I see it in the archive, but
have had no response which I find odd. ]
I have V3 rules running in a test environment playing with how it interacts
with WordPress. My early investigation is showing a few rules that need to be
addressed to allow code, sql examples etc. to be included in a post, nothing
overly surprising.
I have a question about the construction of rules 930100 and 930110. These
rules both examine REQUEST_BODY and REQUEST_HEADERS. Other rules, such as
930120 use ARGS and ARGS_NAMES, etc.
The result is it's not possible to disable 930100 and 930110 for specific ARGS
where the patterns would be acceptable.
What is the motivation for the difference in how these rules are defined?
-- Ken
_______________________________________________
Owasp-modsecurity-core-rule-set mailing list
[email protected]
https://lists.owasp.org/mailman/listinfo/owasp-modsecurity-core-rule-set
