
Dev on Duty

Franziska Bühler edited this page Jun 25, 2022 · 380 revisions

Dev on Duty is a program in which the CRS project assigns a team member the role of first responder for new incoming issues.

Schedule 2022

Period Dev-on-duty Assumed duty Payment Remarks
Week 1
3 Jan - 9 Jan
@airween Jan 03, 11:17 CET Pending with OWASP GH: #2346
SO:
ML: #1
Week 2
10 Jan - 16 Jan
@redxanadu 10 Jan, 10:45 UTC Pending with OWASP GH:
SO: #1, #2, #3
ML: #1
Week 3
17 Jan - 23 Jan
@franbuehler Jan 17, 09:15 CET Pending with OWASP GH:
SO: #1, not answered, too broad
ML:
TW: #1, #2, #3
Slack: #1 -> PR
Week 4
24 Jan - 30 Jan
@lifeforms Jan 24, 11:57 CET Pending with OWASP GH: #2361
SO: log question, blocking large requests
ML:
TW:
Slack:
Week 5
31 Jan - 6 Feb
@azurit Jan 31, 08:07 CET Pending with OWASP GH: #2364, #19, #2365, #2366, #2367
SO:
ML:
TW:
Slack:
Week 6
7 Feb - 13 Feb
@fzipi Feb 7, 08:12 GMT-3 Pending with OWASP GH: #1 #2 #3 #4 #5
SO:
ML:
TW:
Slack:
Week 7
14 Feb - 20 Feb
@redxanadu 14 Feb, 10:15 UTC Pending with OWASP GH: #2392, #2396, #2398
SO: #1
ML: #1
TW: #1
Slack:
Week 8
21 Feb - 27 Feb
@airween 20 Feb, 07:01 CET Pending with OWASP GH: #2403, #2409
SO: 1, 2, 3
ML: 1
TW:
Slack:
Week 9
28 Feb - 6 Mar
@azurit 28 Feb, 07:07 CET Pending with OWASP GH: #2413, #2415, #2416, #2418, #2419, #2289
SO:
ML:
TW:
Slack:
Week 10
7 Mar - 13 Mar
@azurit 7 Mar Pending with OWASP GH: #2424
SO: #1
ML: #1
TW:
Slack:
Week 11
14 Mar - 20 Mar
@airween 14 Mar, 09:05 CET Pending with OWASP GH: #2434, #2438, #2440
SO: #1, #2
ML:
TW: #1
Slack: #1
Week 12
21 Mar - 27 Mar
@franbuehler 21 Mar, 08:15 CET Pending with OWASP GH: #2446, #2447,#2449, #2450, #2451
SO: #1, Not answered
ML:
TW:
Slack: #1
Week 13
28 Mar - 3 Apr
@fzipi 28 Mar, 10:05 GMT-3 Pending with OWASP GH: #1 #2
SO: 1
ML:
TW:
Slack:
Week 14
4 Apr - 10 Apr
@azurit 4 Apr, 07:25 CET Pending with CRS GH: -
SO: -
ML: -
TW: -
Slack: -
Week 15
11 Apr - 17 Apr
@redxanadu (relieved @lifeforms midweek) 11 Apr, 10:00 CET Pending with CRS GH: #2494 (@lifeforms), #2480 (@lifeforms)
SO: #1, #2, #3, #4, #5
ML: #1
TW:
Slack:
Week 16
18 Apr - 24 Apr
@dune73 19 Apr, 0800 CET Pending with CRS GH: #2502, #1849 followup, #2506
SO: #1, #2
ML: -
TW: -
Slack: -
Week 17
25 Apr - 1 May
@franbuehler 25 Apr, 09:15 CEST GH: #2509, #2512 -> PR #2521
SO: #1, #2 Update
ML: #1
TW: #1, #2
Slack:
Week 18
2 May - 8 May
@azurit 2 May, 06:00 CET GH: #2522, #5, #2526
SO: #1, #2
ML:
TW:
Slack:
Week 19
9 May - 15 May
@airween 9 May 07:20 CEST GH:
SO: #1, #2
ML:
TW:
Slack:
Week 20
16 May - 22 May
@azurit 16 May, 06:40 CET GH: #3
SO: #1, #2, #3, #4
ML: #1
TW:
Slack:
Week 21
23 May - 29 May
@fzipi 23 May, 9:25 UYT GH: #1
SO: 1
ML: #1 #2
TW:
Slack:
Week 22
30 May - 5 Jun
@franbuehler 30 May, 13:30 CEST GH: #2610, #2612
SO: #1, #2, #3
ML: #1
TW: #1, #2
Slack: #1
Week 23
6 Jun - 12 Jun
@airween 06 Jun, 09:26 CEST GH: -
SO: #1, #2, #3, #4, #5
ML: -
TW: #1, #2
Slack: #1
Week 24
13 Jun - 19 Jun
@azurit 13 Jun, 09:35 CET GH: #2627
SO:
ML: #1
TW:
Slack:
Week 25
20 Jun - 26 Jun
@franbuehler 20 Jun, 10:45 CEST GH: #2659
SO: #1
ML:
TW: #1,#2 and some likes/retweets
Slack:
Week 26
27 Jun - 3 Jul
@dune73 GH:
SO:
ML:
TW:
Slack:
Week 27
4 Jul - 10 Jul
@airween GH:
SO:
ML:
TW:
Slack:
Week 28
11 Jul - 17 Jul
@azurit GH:
SO:
ML:
TW:
Slack:
Week 29
18 Jul - 24 Jul
... GH:
SO:
ML:
TW:
Slack:
Week 30
25 Jul - 31 Jul
... GH:
SO:
ML:
TW:
Slack:
Week 31
1 Aug - 7 Aug
@franbuehler GH:
SO:
ML:
TW:
Slack:
Week 32
8 Aug - 14 Aug
@airween GH:
SO:
ML:
TW:
Slack:
Week 33
15 Aug - 21 Aug
... GH:
SO:
ML:
TW:
Slack:
Week 34
22 Aug - 28 Aug
... GH:
SO:
ML:
TW:
Slack:
Week 35
29 Aug - 4 Sep
... GH:
SO:
ML:
TW:
Slack:
Week 36
5 Sep - 11 Sep
... GH:
SO:
ML:
TW:
Slack:
Week 37
12 Sep - 18 Sep
... GH:
SO:
ML:
TW:
Slack:
Week 38
19 Sep - 26 Sep
... GH:
SO:
ML:
TW:
Slack:
Week 39
27 Sep - 2 Oct
... GH:
SO:
ML:
TW:
Slack:
Week 40
3 Oct - 9 Oct
... GH:
SO:
ML:
TW:
Slack:

Schedule 2021

Period Dev-on-duty Assumed duty Payment Remarks
Week 14 - 5-Apr - 11-Apr @franbuehler April 5, 22:00 CET done Bit of work on GitHub #1947, #2044, #2047
Week 15 - 12-Apr - 18-Apr @azurit April 12, 7:30 CET done GH: #2054, #2055, #2043, #2042
Week 16 - 19-Apr - 25-Apr @dune73 April 19, 09:00 CET done nothing new on GH, responded to a few SO queries, also old ones
Week 17 - 26-Apr - 2-May @airween April 26, 7:30 CET done Two issues on GH (#2060, #2062), nothing on ML, responded 8 SO questions
Week 18 - 3-May - 9-May @franbuehler May 3, 7:45 CEST done GitHub: #2064,
SO: DoS,
SO: Dynamic ARGS,
SO: franbuehler image,
SO: ModSec/CRS/NGINX Kong Ingress,
SO: ModSec NGINX Windows,
SO not responded: syslog-ng related
Week 19 - 10-May - 16-May @lifeforms May 10, 10:15 CEST done GH: 2071
Week 20 - 17-May - 23-May @azurit May 17, 7:00 CEST done GH: 2091, #2093, #2089, #2079, #2076, #2075
Week 21 - 24-May - 30-May @airween May 24, 08:15 CEST done GH: 2105, 2108, 4 issues on SO: #1, #2, #3, #4
Week 22 - 31-May - 6-Jun @franbuehler May 31, 10:40 CEST pending with OWASP GH: 32, PR 21 Review, PR 66 Review, 2110, 2113, 2118, 2119,1 issue on SO: #1, #2 not responded, poorly asked
Week 23 - 7-Jun - 13-Jun @fzipi Jun 7, 14:30 CEST pending with CRS SO: modsec geodb SO: googlebot GH: modsec-docker, modsec-docker 2, #2123, created #2127, #2128
Week 24 - 14-Jun - 20-Jun @dune73 Jun 14, 08:00 CEST pending with OWASP SO: auditlog on NGINX, SO: Rewrite ModSec in Spring, GH: Issue 2133 (a wee bit late, though)
Week 25 - 21-Jun - 27-Jun @franbuehler Jun 21, 08:00 CEST pending with OWASP SSE: FP Wordpress, GitHub Docker: #74, GitHub: #2139, created #2135
Week 26 - 28-Jun - 4-Jul @azurit Jun 28, 06:45 CEST pending with OWASP GH: #2142
SO: #1, #2, #3
Week 27 - 5-Jul - 11-Jul @airween Jul 05, 07:15 CEST pending with OWASP GH: #2150
SO: #1, #2, #3, #4
Week 28 - 12-Jul - 18-Jul @fzipi Jul 12, 15:00 CEST pending with CRS SO: #1 Updated CII bestpractices repo #2 GH: #1991
Week 29 - 19-Jul - 25-Jul @azurit Jul 19, 08:12 CEST pending with OWASP GH: #2167
SO: #1, #2
ML: #1
Week 30 - 26-Jul - 1-Aug @dune73 Jul 26, 09:00 CEST pending with OWASP GH: #2162
ML: Containerized Logging (just noticed my response and the conversation evolving on Wed was private), Trustwave Rules
SO: Docker Image Problems
Week 31 - 2-Aug - 8-Aug @airween Aug 02, 08:05 CEST pending with OWASP GH: #2170, #2171, #2173, #2175; SO: Azure WAF 403 Response
Week 32 - 9-Aug - 15-Aug @azurit Aug 09, 10:20 CEST pending with OWASP GH: #2176
SO: #1, #2
Slack: answered one question
Week 33 - 16-Aug - 22-Aug @franbuehler Aug 16, 14:30 CEST pending with OWASP GH: #2177, #2179, Docker #41
SSE: FP ruby 932150, Slack: FP 930100
Week 34 - 23-Aug - 29-Aug @azurit Aug 23, 9:30 CEST pending with OWASP GH: #2182, #2181
SO: #1
ML: #1
Week 35 - 30-Aug - 5-Sep @fzipi Aug 30, 9:30 CEST pending with CRS GH: #2163 #80 #2186
SO: #1
Week 36 - 6-Sep - 12-Sep @airween Sep 06, 13:45 CEST pending with OWASP GH: #2198
SO: #1, #2
ML: -
Week 37 - 13-Sep - 19-Sep @franbuehler Sep 13, 10:30 CEST pending with OWASP GH: #44
SO: #1, #2
ML: -
Week 38 - 20-Sep - 26-Sep @azurit Sep 20, 11:10 CEST pending with OWASP GH: -
SO: -
ML: -
Week 39 - 27-Sep - 3-Oct @spartantri Sep 27, 14:10 CEST pending with OWASP GH: -
SO: -
ML: -
Week 40 - 4-Oct - 10-Oct @redxanadu Oct 04, 11:30 CEST pending with OWASP GH: #2220, #2219
SO: #1, #2, #3, #4, #5
ML:
Week 41 - 11-Oct - 17-Oct @fzipi Oct 11, 17:30 CEST pending with OWASP GH: #48 #42
SO:
ML:
Week 42 - 18-Oct - 24-Oct @azurit Oct 18, 07:15 CEST pending with OWASP GH: #2235, #2
SO: #1
ML: -
Week 43 - 25-Oct - 31-Oct ALLSTARS Oct 26, 09:00 CEST pending with OWASP GH:
SO:
ML: #1, #2
Week 44 - 01-Nov - 07-Nov @spartantri Nov 1, 09:00 CDT pending with OWASP GH: #2290, #2289 SO: Plain English firing Modsecurity/WAF/CRS rules
ML:
Week 45 - 08-Nov - 14-Nov @fzipi Nov 8, 09:00 CDT pending with OWASP GH: #1
SO: #1
ML:
Week 46 - 15-Nov - 21-Nov @airween Nov 15, 07:25 CET pending with OWASP GH: #2314, #2316, #2317
SO: #1, #2, #3, #4, #5
ML:
Week 47 - 22-Nov - 28-Nov @franbuehler Nov 21, 08:55 CET pending with OWASP GH: -
SO: -
ML: -
Week 48 - 29-Nov - 05-Dec @azurit Nov 29, 07:45 CET pending with OWASP GH: -
SO: #1, #2, #3
ML: -
Week 49 - 06-Dec - 12-Dec @redxanadu Dec 06, 11:30 UTC pending with OWASP GH: #2326
SO: #1, #2
ML:
TW: #1
Week 50 - 13-Dec - 19-Dec @airween Dec 13, 09:26 CET pending with OWASP GH: #2337
SO: #1, #2, #3
ML: #1, #2, #3
SLACK: #1
Week 51 - 20-Dec - 26-Dec @azurit Dec 20, 17:23 CET pending with OWASP GH: #2341
SO: -
ML: -
TW: #1
Week 52 - 27-Dec - 02-Jan @azurit Dec 27, 08:30 CET pending with OWASP GH: #2342
SO: #1
ML: -

Duties

  • Being a first responder to inquiries coming in as GitHub issues.
  • Being a first responder to inquiries coming in via the CRS Google Group Mailing list.
  • Being a first responder to inquiries coming in via the ModSecurity Mailing list if they touch on CRS.
  • Being a first responder to inquiries coming in via the #coreruleset channel on Slack.
  • Being a first responder to inquiries coming in via Stack Overflow / Stack Exchange if they touch on CRS.
  • Being a first responder to inquiries (!) appearing on Twitter. See below for a list of queries. There is no need to respond to links and the like; all we really want to address is support questions.

First response means to respond within 24 hours and cover the following items:

  • Check out the response templates to see if there is one available for this question. If yes: copy and paste, edit and respond.
  • If there is a simple answer, then respond and close the issue (obviously, closing applies on GitHub).
  • If the issue is incomplete and we need additional information, then there is a response template for that.
  • If it is a real issue, then test it (-> demo/sandbox!) and confirm if possible.
  • If it is a real issue and it's on the Google Group mailing list, ModSecurity mailing list, Slack, Twitter or Stack Overflow, then ask the reporter to open an issue on GH. If that does not work, then open the issue yourself.
  • It is helpful to tag the original authors, or other people you think can help, in comments on GitHub. Actively approach people to make sure we find a solution quickly!
  • If you do not see anybody jumping on the issue and you cannot easily solve it, then make sure the issue is scheduled for the next issue chat.

All combined: try to think for yourself. We are not providing paid support, but we try to be helpful. This is best effort.

First steps

Before you can start your duty for the first time, you need to do the following steps:

Keeping track of Stack Overflow

We cover the following keywords / queries on Stack Overflow and Security Stack Exchange. Feel free to concentrate on CRS-related questions and skip the ModSecurity stuff if it gets too much:

It is also possible to search for questions created only during your duty using date filtering. An example search for the keyword CoreRuleSet is here.

Hint: Log in to bypass captcha checks.

Keeping Track of Twitter

  • Feel free to use your own Twitter account and sign with #CRSDevOnDuty.
  • If you prefer, you can also ask for the @CoreRuleSet Twitter account.
  • There is a response template for Twitter for everything that does not fit into 240 chars.

Please cover the following hashtags / queries:

Queries for CRS3, ModSec and the like bring too much noise.

Hand-over: Assumed Duty column

We need to make sure we get the hand-over correct.

  • Hand-over is organised between the previous and the new dev-on-duty. It's perfectly OK to ask if somebody could keep the duty a day longer or if you could hand over a day early (because you are on holiday or whatever). But you need to talk!
  • The new period starts when the new dev-on-duty fills out the "assumed duty" column above. Of course this is meant to happen on the day indicated above, but you cannot silently assume the new dev-on-duty has taken over without formal confirmation.
  • Please indicate the date and the rough time of the hand-over.

Payment

Starting Oct 2021, we agreed on 200 USD per week of duty. Payment will be organized by the project leads via OWASP HQ. This may take a bit of time in the beginning until the process works.

Response Templates

-> Dev-on-Duty:-Response-Templates