Re: [mod-security-users] Sanitize JSON Request / Response
Brought to you by:
victorhora,
zimmerletw
Menu
▾
▴
Re: [mod-security-users] Sanitize JSON Request / Response
|
From: Cristiano G. <cri...@ga...> - 2018-03-14 21:14:00
|
Hi Christian! Modsecurity: 2.9.0-1 (from Ubuntu repository) Apache 2.4.18-2ubuntu3.5 Tks! Cristiano Galdino cri...@ga... On 14 Mar 2018 17:55 -0300, Christian Folini <chr...@ne...>, wrote: > Hello Christiano, > > What platform are you using? (-> ModSec version, Apache / NGINX / IIS?) > > Ahoj, > > Christian > > On Wed, Mar 14, 2018 at 05:06:28PM -0300, Cristiano Galdino wrote: > > Hello! > > I created a rule in ModSecurity to sanitize param CVV (credit card) but > > it is not working. > > Samples: > > SecAction "nolog,phase:2,id:101,sanitiseArg:CVV” > > SecAction "nolog,phase:4,id:102,sanitiseArg:CVV_Reponse" > > This prevents me from using modsecurity because PCI does not allow CVV > > to be stored. > > I found this issue without response. > > [1]https://github.com/SpiderLabs/ModSecurity/issues/715 > > What can I do? > > > > Cristiano Galdino > > cri...@ga... > > > > References > > > > 1. https://github.com/SpiderLabs/ModSecurity/issues/715 > > > ------------------------------------------------------------------------------ > > Check out the vibrant tech community on one of the world's most > > engaging tech sites, Slashdot.org! http://sdm.link/slashdot > > > _______________________________________________ > > mod-security-users mailing list > > mod...@li... > > https://lists.sourceforge.net/lists/listinfo/mod-security-users > > Commercial ModSecurity Rules and Support from Trustwave's SpiderLabs: > > http://www.modsecurity.org/projects/commercial/rules/ > > http://www.modsecurity.org/projects/commercial/support/ > > > -- > https://www.feistyduck.com/training/modsecurity-training-course > https://www.feistyduck.com/books/modsecurity-handbook/ > mailto:chr...@ne... > twitter: @ChrFolini > > ------------------------------------------------------------------------------ > Check out the vibrant tech community on one of the world's most > engaging tech sites, Slashdot.org! http://sdm.link/slashdot > _______________________________________________ > mod-security-users mailing list > mod...@li... > https://lists.sourceforge.net/lists/listinfo/mod-security-users > Commercial ModSecurity Rules and Support from Trustwave's SpiderLabs: > http://www.modsecurity.org/projects/commercial/rules/ > http://www.modsecurity.org/projects/commercial/support/ |
