github_mirrors/ModSecurity
3
0
Fork 1
mirror of https://github.com/owasp-modsecurity/ModSecurity.git synced 2026-01-13 15:07:10 +03:00
Code Issues Packages Projects Releases Wiki Activity
770 Commits 55 Branches 109 Tags
589274903df967f12929b7d93c5831369aca2141
Commit Graph

570 Commits

Author SHA1 Message Date
b1v1r
589274903d Added PCRE limits and studying by default to help alleviate REDoS reported by Sogeti/ESEC R&D (MODSEC-119). 2010-02-05 18:09:19 +00:00
b1v1r
d66760d09c Fixed memory leak in v1 cookie parser reported by Sogeti/ESEC R&D (MODSEC-121). 2010-02-05 18:07:56 +00:00
b1v1r
7262e026d2 Now support macro expansion in numeric operators @eq, @ge, @lt, etc. (MODSEC-109). 2010-02-03 23:50:38 +00:00
b1v1r
bfe41347d2 Update copyright to 2010. 2010-02-03 23:50:24 +00:00
ivanr
34ee235d73 Change SECACTION_TARGETS and SECMARKET_TARGETS to REMOTE_ADDR 2009-12-13 08:43:56 +00:00
b1v1r
3ca9a03c7e Fix typo in configure.in (MODSEC-101). 2009-12-01 16:54:03 +00:00
b1v1r
1f9bd13efc Fix quoting for demo page. 2009-11-06 21:40:54 +00:00
b1v1r
efc9d4e68f Fixed parsing quoted strings in multipart Content-Disposition headers (part2). 2009-11-05 19:49:30 +00:00
b1v1r
d33f656b93 Fixed parsing quoted strings in multipart Content-Disposition headers. 2009-11-05 19:36:32 +00:00
b1v1r
92cff5c58e Cleanup persistent locking (MODSEC-97). 2009-11-05 01:26:17 +00:00
b1v1r
68b95b3c24 Cleanup mlogc logging and add note recommending against gnutls for SSL/TLS. 2009-11-04 06:58:50 +00:00
b1v1r
a73da836e2 Do not log output filter errors to the error log (MODSEC-70). 2009-11-04 00:12:33 +00:00
b1v1r
76969fea1d Moved output filter to run before other stock filters (MODSEC-89). 2009-11-03 23:49:36 +00:00
b1v1r
b2f8dc1941 Remove some Apache build files that were not required. 
Fix compiler warning causing CI build server to report errors with older compiler.
 2009-10-21 18:06:37 +00:00
b1v1r
fd23b6486f Added a --disable-errors to configure so that you can still build mlogc without httpd/apxs. 2009-10-21 16:31:29 +00:00
ivanr
af5c47f513 Do not log debugging message as a warning (MODSEC-91) 2009-09-29 10:00:51 +00:00
b1v1r
c8e5a2dcd6 Add missing autotool generated files. 2009-09-24 19:26:57 +00:00
b1v1r
9b13fec05e Cleanup apu and lua find macros. 2009-09-22 06:41:22 +00:00
b1v1r
e39b46e0cc Update Windows Makefile.win for mlogc. 2009-09-21 15:40:54 +00:00
b1v1r
cb03e372da More updates for Windows - many thanks to apachelounge.com for these. 2009-09-20 03:08:45 +00:00
b1v1r
a6710d0dd0 Use int instead of mode_t to appease Windows. 2009-09-19 22:56:18 +00:00
b1v1r
0c7559ee6a Cleanup mlogc so it builds on Windows. 2009-09-18 17:57:59 +00:00
b1v1r
dc548f01cf Cleanup test scripts. 2009-09-18 08:34:12 +00:00
b1v1r
11a4e99d18 Remove extraneous version number causing 2.5.100 to be displayed. 2009-09-03 18:54:22 +00:00
b1v1r
3afae2ff91 Attempt to handle Apache filter error codes instead of incorrectly looking them up as APR error codes. 2009-08-27 07:38:26 +00:00
b1v1r
13f35361a0 Update version to prepare for official 2.5.10 release. 2009-08-27 07:37:04 +00:00
b1v1r
f02733fdb7 Update version for 2.5.10-dev3 release. 2009-08-25 22:15:56 +00:00
b1v1r
7333260b9b Added SecAuditLogDirMode and SecAuditLogFileMode (MODSEC-82). 
Cleaned up SecUploadFileMode implementation.
 2009-08-25 00:29:56 +00:00
b1v1r
ea4b01fb38 Remove C++ compiler dependency brought in from an overzelous autoscan copy/paste (MODSEC-84). 2009-08-20 00:06:14 +00:00
b1v1r
9934c5c26a Cleanup/simplify the build/find_* scripts. 2009-08-13 06:25:06 +00:00
b1v1r
d25d740c94 Update version for 2.5.10-dev2. 2009-08-12 22:24:13 +00:00
b1v1r
0680e9e71a Fixed crash on configuration if SecMarker is used before any rules. 
Fixed SecRuleUpdateActionById so that it will work on chain starters (MODSEC-37).
 2009-08-12 21:41:15 +00:00
b1v1r
9a5cf44fda Cleanup build for mlogc (MODSEC-83). 2009-08-12 18:43:57 +00:00
b1v1r
4a248f3202 Update regression tests. 2009-07-27 21:56:33 +00:00
b1v1r
2593704e27 Clarify the new MaxWorkerRequests mlogc parameter. 2009-07-27 20:17:59 +00:00
b1v1r
5046369e0c Add a MaxWorkerRequests limit to mlogc to force recycling workers after they have processed a number of requests. 2009-07-27 20:14:42 +00:00
b1v1r
206eb02bd1 Allow mlogc to periodically flush memory pools (MODSEC-68). 2009-07-24 05:04:55 +00:00
b1v1r
b77784c3ee Always log the message in the auditlog if "auditlog" is used (MODSEC-78). 2009-07-23 21:26:19 +00:00
b1v1r
038e12c37f Add some more logging of the HTTP data. 
Force SSLv3 (for now) as there seems to be some issues with auto-neg.
 2009-07-22 17:37:14 +00:00
b1v1r
2a4dca432b Remove deprecated lines from a seemingly bad merge. This may resolve MODSEC-47, but not verified. 2009-06-15 19:23:23 +00:00
b1v1r
664d304c1f Update logging, adding ability to trim newline and escape data. 2009-06-03 06:38:43 +00:00
b1v1r
510ab38397 Cleanup distclean and maintainer-clean targets. 2009-06-01 22:27:22 +00:00
b1v1r
ad6dcb3926 Add debugging of stat calls in mlogc. 2009-05-31 12:09:48 +00:00
b1v1r
87da300b1d Cleanup OSF1 builds. 2009-05-31 11:02:17 +00:00
b1v1r
da370a9a88 Add handling of -pthread option to apxs-wrapper for Tru64 builds. 2009-05-31 09:19:26 +00:00
b1v1r
c99f8fa2c9 Escape and reformat XML errors/warnings to avoid breaking audit log format. 2009-05-31 08:37:47 +00:00
b1v1r
b5204a86ab Fixed an issue where @pm was not ignoring case. 
Documented case insensitivity of @pm.
 2009-05-29 20:46:24 +00:00
b1v1r
2f0debef59 Look for env or printenv to search environment vars. 2009-05-28 21:57:49 +00:00
b1v1r
4169360ec1 Add OSF1 as a platform not supporting hidden attributes. 2009-05-28 21:43:12 +00:00
b1v1r
1f866d4bb7 Revert back to --with-libxml so we maintain backwards compat. 
Look for env and grep commands.
 2009-05-27 22:08:04 +00:00