Re: [mod-security-users] Rules database
Brought to you by:
victorhora,
zimmerletw
Menu
▾
▴
Re: [mod-security-users] Rules database
|
From: Michael S. <mi...@sh...> - 2005-04-17 15:40:52
|
On Mon, 2005-04-11 at 10:16 +0100, Ivan Ristic wrote: > Michael Shinn wrote: > > On Mon, 2005-04-04 at 16:14 +0200, Roman Medina-Heigl Hernandez wrote: > >=20 > >>Gerwin Krist -|- Digitalus Webhosting wrote: > >> > >> > >>>You could try http://www.gotroot.com/downloads/ftp/mod_security/rules.= conf > >> > >>It looks nice. But it seems to be having problems in Apache 1.x > >>(according to the comments). Do you know if they've been fixed? I also > >>read one thread at gotroot.com but it didn't contain specific info abou= t > >>the issue. > >=20 > >=20 > > Hi, I'm the author of those rules. The rules that choke on apache 1.x > > deal with my use of pcre regex'es while Apache 1.x apparently only > > supports POSIX regex's. The solution is that I need to convert all > > those regex's to POSIX regex's for the legacy Apache 1.x systems. > > Otherwise, the rules should work fine. >=20 > If you could send me the translation algorithm, I could try and > put it right into the Apache 1.x version, so the translation would > happen at runtime with both versions supporting the same format? That would certainly be a much easier solution for me. :-) --=20 Michael T. Shinn KeyID:370A4CAB Key Fingerprint: 0057 437C D882 ECFF 716B 7BD6 6E3B F5BA 370A 4CAB http://pgp.mit.edu:11371/pks/lookup?op=3Dget&search=3D0x370A4CAB 1st security axiom: Attacks always get better; they never get worse. |
