Skip to content

Issues: owasp-modsecurity/ModSecurity

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

176 Open 2,160 Closed
176 Open 2,160 Closed
Author
Filter by author
Label
Filter by label
Use alt + click/return to exclude labels
or + click/return for logical OR
Projects
Filter by project
Milestones
Filter by milestone
Assignee
Filter by who’s assigned
Sort
Sort by
Newest Oldest Most commented Least commented Recently updated Least recently updated Best match
Most reactions
👍 👎 😄 🎉 😕 ❤️ 🚀 👀

Issues list

[Idea] Add variable support for SecAuditLog
#3133 opened Apr 25, 2024 by Xakiadalisabad
1
@rbl operator does not support IPv6 2.x Related to ModSecurity version 2.x 3.x Related to ModSecurity version 3.x bug It is a confirmed bug duplicate Ops. Somebody else already hit that bump 🥇 good first issue
#3131 opened Apr 24, 2024 by airween
@airween
Incorrect utf8toUnicode transformation for 00xx 2.x Related to ModSecurity version 2.x
#3129 opened Apr 23, 2024 by marcstern
Regular Expression Failure Triggers !@rx 3.x Related to ModSecurity version 3.x
#3123 opened Apr 19, 2024 by ssigwart
@airween
1
Phasing out SecStatusEngine 2.x Related to ModSecurity version 2.x
#3122 opened Apr 19, 2024 by vloup
2
Lua installed, but Modsecurity still dont work with it 3.x Related to ModSecurity version 3.x
#3119 opened Apr 4, 2024 by duongtuankiet
Is it possible to change the SecAuditLogStorageDir variable so that the logs are sorted by vhost? 2.x Related to ModSecurity version 2.x
#3118 opened Mar 31, 2024 by vukitoso
Error: Could not set variable "ip.brute_force_counter" and Could not set variable "ip.xmlrpc_counter" as the collection does not exist. 2.x Related to ModSecurity version 2.x
#3115 opened Mar 28, 2024 by ic32k
4
Feature request: Limit the number of rules processed per request 2.x Related to ModSecurity version 2.x
#3112 opened Mar 25, 2024 by no-sec-marko
3
Annoying DNS queries with @rbl operator 3.x Related to ModSecurity version 3.x
#3111 opened Mar 25, 2024 by ne20002
17
libmodsecurity3: Request body is not logged 3.x Related to ModSecurity version 3.x
#3109 opened Mar 19, 2024 by EsadCetiner
10
SecRuleScript actions always considered disruptive 3.x Related to ModSecurity version 3.x bug It is a confirmed bug
#3108 opened Mar 16, 2024 by theseion
@airween
1
Enhancement: Improve log statement for SecArgumentsLimit issue instead of JSON parsing error 2.x Related to ModSecurity version 2.x 3.x Related to ModSecurity version 3.x
#3107 opened Mar 11, 2024 by kkrupka
4
NULL pointer checks & compiler warnings 2.x Related to ModSecurity version 2.x help wanted
#3105 opened Mar 6, 2024 by marcstern
@marcstern
1
Debian package dependencies are broken 3.x Related to ModSecurity version 3.x
#3102 opened Mar 5, 2024 by logopk
10
SecAuditLogFormat set to JSON prints logs in native format aswell 3.x Related to ModSecurity version 3.x
#3100 opened Mar 1, 2024 by Shivam0609
7
SanitiseArg does not work in RequestBody 2.x Related to ModSecurity version 2.x
#3089 opened Feb 21, 2024 by Seppl2202
5
Problem with logfile's name 3.x Related to ModSecurity version 3.x
#3084 opened Feb 15, 2024 by sivsoft
4
No CPE for 3.0.11 and 3.0.12 2.x Related to ModSecurity version 2.x 3.x Related to ModSecurity version 3.x
#3083 opened Feb 14, 2024 by frankvanbever
4
Different behavior of the engines implicit @rx operator
#3081 opened Feb 11, 2024 by airween
10
Inadequate locking for multithreading in libModSecurity In-Memory persistent storage
#3054 opened Feb 7, 2024 by martinhsv
4
libmodsecurity3: SecAction can't be disabled via ctl action 3.x Related to ModSecurity version 3.x bug It is a confirmed bug
#3053 opened Feb 6, 2024 by EsadCetiner
3
Problem with logrotate: Log rotation writes to incorrect file 3.x Related to ModSecurity version 3.x
#3047 opened Jan 30, 2024 by gabinheylen
2
Update Wikipedia:ModSecurity admin (OWASP transfer) Administration and documentation related to the transfer of ModSecurity to OWASP
#3046 opened Jan 29, 2024 by dune73
Review and update security.md admin (OWASP transfer) Administration and documentation related to the transfer of ModSecurity to OWASP
#3045 opened Jan 28, 2024 by dune73
1
ProTip! Adding no:label will show everything without a label.