Skip to content

Issues: SpiderLabs/ModSecurity

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

150 Open 2,116 Closed
150 Open 2,116 Closed
Author
Filter by author
Label
Filter by label
Use alt + click/return to exclude labels
or + click/return for logical OR
Projects
Filter by project
Milestones
Filter by milestone
Assignee
Filter by who’s assigned
Sort
Sort by
Newest Oldest Most commented Least commented Recently updated Least recently updated Best match
Most reactions
👍 👎 😄 🎉 😕 ❤️ 🚀 👀

Issues list

rsub Not supported in v3.x?
#2979 opened Aug 31, 2023 by swzaaaaaaa
multiple reload of page cause intervention to be disruptive on favicon.ico
#2976 opened Aug 26, 2023 by ampminfo
2
Invalid PCRE2 JiT check 2.x Related to ModSecurity version 2.x
#2973 opened Aug 24, 2023 by marcstern
1
PCRE2 performance
#2972 opened Aug 24, 2023 by marcstern
verifySSN: Area code can be larger than 740
#2970 opened Aug 21, 2023 by jakubsuchy
1
PCRE2 support still requires PCRE1 2.x Related to ModSecurity version 2.x
#2966 opened Aug 17, 2023 by zhaoshikui
6
Cross-Compatible JSON Body Exclusion Ruleset for Different ModSecurity Versions
#2942 opened Aug 10, 2023 by theMiddleBlue
2
how correspondence between modsecurity phase(1--5) and nginx phase(1--11)?
#2938 opened Aug 2, 2023 by successjian
1
Target transformed even when ignored via ctl: action 2.x Related to ModSecurity version 2.x
#2932 opened Jul 20, 2023 by marcstern
2
Skip XML element from mod sec rule scanning from xml payload
#2929 opened Jul 13, 2023 by Vikasjava60
7
SecRuleUpdateActionById may not replace non-disruptive, non-additive actions 3.x Related to ModSecurity version 3.x
#2928 opened Jul 12, 2023 by martinhsv
Regex in setvar variables 2.x Related to ModSecurity version 2.x
#2927 opened Jul 12, 2023 by marcstern
4
AuditLog JSON large data field
#2925 opened Jul 11, 2023 by borisovdmitrii
2
NEW FEATURE: GraphQL Security new feature This is a new feature
#2919 opened Jun 27, 2023 by shubhagarwal14
1
Unique transaction ID is not unique
#2896 opened May 3, 2023 by git-madresc
2
@ipMatch misses IP with multiple values
#2893 opened Apr 20, 2023 by marcstern
1
ModSecurity not finding SecMarker in phase 2 2.x Related to ModSecurity version 2.x
#2865 opened Jan 20, 2023 by TomCan
7
DOC: SecRuleUpdateActionById and chain docs are errant for both 2.x and 3.x documentation Somehow related to documentation
#2860 opened Jan 12, 2023 by diablodale
1
REQUEST_FILENAME variable is not getting correctly set
#2853 opened Dec 30, 2022 by PrajwalKrishna
2
Apache httpd does not execute ErrorDocument directive if response code is changed during phase 4
#2849 opened Dec 22, 2022 by TomasKorbar
Memory leaks with nginx reload (without restart)
#2848 opened Dec 21, 2022 by martinhsv
17
ModSecurity can cause hang of apache httpd during graceful restart 2.x Related to ModSecurity version 2.x
#2822 opened Oct 20, 2022 by TomasKorbar
Transaction intializing twice per request for URI '/' 3.x Related to ModSecurity version 3.x
#2816 opened Oct 13, 2022 by nagri
9
Bug: Premature EOF in JSON leads to status 500 instead of REQBODY_ERROR 2.x Related to ModSecurity version 2.x
#2807 opened Oct 5, 2022 by dune73
9
Handle strange Windows usernames 2.x Related to ModSecurity version 2.x Platform - IIS
#2798 opened Sep 7, 2022 by cpschoenrank
2
ProTip! Type g p on any issue or pull request to go back to the pull request listing page.