You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
Hi, is there a plan to explore the use of Modsecurity OWASP CRS v3 for the Roxy-Wi?
Also, I've been testing the Roxy-Wi for quite sometime and it works, but previously I've been testing the WAF and it seems the CSRF rules are not working by default(even though the rules is included in the waf/rules directory, I've looked through some documentations and modified modsecurity.conf to link the csrf and other relevant rules to it but when I tried to, the WAF is unable to start, and cannot find any detailed logs but assuming it is related to the rules I've enabled, namely csrf and hijacking_session.
would you be able to give me an advise. realyl appreciate it. Thanks
The text was updated successfully, but these errors were encountered:
Not all rules work by default, Roxy-WI includes only rules which work with ModSec v2 by default. By default Modsec writes log into /var/www/waf.log, if it has been installed via Roxy-WI. I guess something could be there, I didn't dive deep
Hi, is there a plan to explore the use of Modsecurity OWASP CRS v3 for the Roxy-Wi?
Also, I've been testing the Roxy-Wi for quite sometime and it works, but previously I've been testing the WAF and it seems the CSRF rules are not working by default(even though the rules is included in the waf/rules directory, I've looked through some documentations and modified modsecurity.conf to link the csrf and other relevant rules to it but when I tried to, the WAF is unable to start, and cannot find any detailed logs but assuming it is related to the rules I've enabled, namely csrf and hijacking_session.
would you be able to give me an advise. realyl appreciate it. Thanks
The text was updated successfully, but these errors were encountered: