Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

feat: add well known deployment problems #111

Open
wants to merge 4 commits into
base: main
Choose a base branch
from
Open

feat: add well known deployment problems #111

wants to merge 4 commits into from

Conversation

fzipi
Copy link
Member

@fzipi fzipi commented Feb 12, 2024

No description provided.

@RedXanadu
Copy link
Member

RedXanadu commented Feb 12, 2024
edited

Can we combine this with the 'Known issues' page? It feels a little redundant to have two pages on the same topic, known issues and known problems. Or maybe we retire one or update one?

@fzipi
Copy link
Member Author

fzipi commented Feb 13, 2024

Yes, we can, and we should. Let me push the change.

@fzipi
feat: add well known deployment problems
e2033c0 
Signed-off-by: Felipe Zipitria <felipe.zipitria@owasp.org>
@fzipi
fix: update known issues
098f7ba 
Signed-off-by: Felipe Zipitria <felipe.zipitria@owasp.org>
@fzipi
Copy link
Member Author

fzipi commented Feb 13, 2024

@RedXanadu Moved to known issues. Also, moved from bullet points to titles, so they can be referenced easily from other places.

@fzipi fzipi requested a review from RedXanadu February 22, 2024 19:09
@fzipi
Copy link
Member Author

fzipi commented Feb 25, 2024

@RedXanadu Can you review this one now?

dune73
dune73 requested changes Feb 26, 2024
View reviewed changes
content/operation/known_issues.md

### Anomaly Mode Doesn't Work

Sometimes on IIS or Nginx users run into an instance where anomaly mode doesn't work as expected. In fact upon careful inspection of logs one would notice that rules don't fire in the order we would expect. In general this is a result of using the `'*'` operator within these environments as it does not act the same way as in Apache. In general within both Apache and IIS one should expliticly include the various files present within the OWASP CRS instead of using the `'*'`.
Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

In general within both Apache and IIS should probably be Nginx and IIS.

Also: Does this problem persist with newer versions? Because if it does, our INSTALL that proposes * now is likely wrong.

Copy link
Member Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Sadly, I do not have a clue. This was copied from the Website 🤷 . Maybe we need to clean this out?

Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

@airween what is the real status of Include rules/*.conf on Nginx?

Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Sorry, what do you mean about "real status"?

The mentioned configuration (Include rules/*.conf) on Nginx works as well, I use that form all of my servers.

Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

I thought so. That means this passage here can be omitted and we should update the website too.

@RedXanadu
Copy link
Member

RedXanadu commented Feb 26, 2024
edited

The diff is significant... I thought this was just adding some new bullet points to the list, that would be an easy win and quick to review 😅 I'll review when I can.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@airween airween airween left review comments

@dune73 dune73 dune73 requested changes

@RedXanadu RedXanadu Awaiting requested review from RedXanadu

Requested changes must be addressed to merge this pull request.

Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.

None yet
4 participants
@fzipi @RedXanadu @airween @dune73