github_mirrors/ModSecurity
3
0
Fork 1
mirror of https://github.com/owasp-modsecurity/ModSecurity.git synced 2025-08-17 14:46:13 +03:00
Code Issues Packages Projects Releases Wiki Activity
1,647 Commits 55 Branches 109 Tags
Commit Graph

145 Commits

Author SHA1 Message Date
brenosilva
5eaa1a7345 Added SecWriteStateLimit for slow post DoS 2011-05-05 17:01:57 +00:00
brenosilva
1aa4cace65 Fix compiler warnings 2011-04-27 21:54:16 +00:00
brenosilva
6b7edc4d47 Fixes, code cleanups, improvements 2011-04-27 15:58:22 +00:00
brenosilva
f64b5544af Move version() to mod_security2 2011-04-11 18:34:47 +00:00
brenosilva
9c5e0a4f98 Improvements in detection only 2011-04-05 17:41:52 +00:00
brenosilva
b8828ad3f1 Improvements in detection only 2011-04-05 17:22:02 +00:00
brenosilva
13980bd044 Improvements in detection only 2011-04-05 01:53:31 +00:00
brenosilva
ae006f7a81 Improvements in detection only 2011-04-05 01:53:16 +00:00
brenosilva
0f5b0debea Print when request is blocked when it is larger than the configuration 2011-04-04 19:17:29 +00:00
brenosilva
6e3bb889c4 Print when request is blocked when it is larger than the configuration 2011-04-04 19:05:55 +00:00
brenosilva
1e2f836b32 Print when request is blocked when it is larger than the configuration 2011-04-04 18:55:04 +00:00
brenosilva
ed06ed2aec Fix issue in detection only 2011-04-04 16:37:18 +00:00
brenosilva
d696341663 ErrorDocuments and internal redirect hook is available for testing 2011-03-31 13:40:36 +00:00
brenosilva
104f0de46e New License 2011-03-30 14:12:44 +00:00
brenosilva
49732256f6 Improvements, fixes and new features 2011-03-25 13:51:13 +00:00
brenosilva
c04a4edb4b MODSEC-144 2011-03-11 18:48:58 +00:00
brenosilva
74666fe2ca MODSEC-181 2011-03-02 17:41:36 +00:00
brenosilva
7f52d86e4b Include data edition, sanitizematched and few fixes 2011-02-14 12:49:55 +00:00
brenosilva
fdded33831 MODSEC-60 2011-01-12 15:45:46 +00:00
brenosilva
1260d2b097 MODSEC-104 2010-12-23 12:27:57 +00:00
brenosilva
549f059480 move 2.5.13 into trunk 2010-12-08 18:58:18 +00:00
b1v1r
ea34defc0d Added mod_remoteip.c to to postread_beforeme_list (MODSEC-158). 2010-05-12 22:19:04 +00:00
b1v1r
058283fb5a Add the ability to build custom request body parser extensions. 
Add an example for a request body parser extension.
 2010-05-05 23:01:11 +00:00
ivanr
98982e2962 Added the SecDisableBackendCompression directive 2010-03-19 20:00:59 +00:00
b1v1r
08edc0c26f Merge 2.5.x (2.5.12) changes into trunk. 2010-02-05 19:05:20 +00:00
ivanr
b8837bbfb2 Change the format string from m (already taken) to M. 2010-02-02 12:45:28 +00:00
ivanr
9bd9f33594 Run phase 5 prior to mod_log_config. Now for real. 2010-02-01 14:01:33 +00:00
ivanr
a4d5d50be9 Integrate with mod_log_config (MODSEC-108). 2010-02-01 11:01:17 +00:00
ivanr
7b56982f26 Implemented a new time-measuring mechanism. Added Stopwatch2. 2010-02-01 09:42:23 +00:00
ivanr
f740b4f228 Run phase 5 prior to mod_log_config. 2010-01-26 12:12:14 +00:00
ivanr
6a29308202 Remove one missed reference to the PDF UXSS filter 2009-12-09 16:57:10 +00:00
ivanr
7916942fe3 Remove unused variable 2009-12-07 11:45:23 +00:00
ivanr
839b7f81e0 Removed the obsolete PDF UXSS functionality (MODSEC-96). 2009-12-04 23:33:47 +00:00
ivanr
cb8b76f4ef Process phase 1 in the same Apache hook as phase 2 (MODSEC-98) 2009-11-07 10:14:40 +00:00
b1v1r
b01f8190e4 Merged 2.5.x changes for 2.5.11 into trunk. 2009-11-06 18:38:15 +00:00
b1v1r
a16eb9677c Merge 2.5.x changes into trunk. 2009-05-16 10:42:32 +00:00
b1v1r
dc0a2161ac Merge 2.5.9 changes into trunk. 2009-03-12 15:31:10 +00:00
brectanus
67c48bfdfb Added ability to use ctl:requestBodyAccess=off in phase:1 to avoid limit check. 
Added regression tests for this as well.
 2008-09-10 19:45:13 +00:00
brectanus
20cc395510 Added mlogc source. 2008-09-02 23:10:36 +00:00
brectanus
225339525d Allow disabling processing of request body size limit in phase 1. See #518. 2008-08-15 20:21:25 +00:00
brectanus
10713fbd37 Sync up branches/2.5.x and trunk. 2008-07-31 22:36:24 +00:00
ivanr
c3fd0231d0 Prevent phases from being processed more than once. 2008-06-05 14:52:48 +00:00
brectanus
83ff6c4796 Re-enable error output filter with a fix after more testing/tracing of code. See #498. 
Update versions to ready for release of 2.5.5.
 2008-06-03 20:28:05 +00:00
brectanus
0c1f2f2e09 Fixed blocking in phase 3 by reverting changeset:591 (for now). See #65 and #498. 2008-05-30 19:31:22 +00:00
brectanus
8f7b861d94 Added mod_rpaf-2.0 and mod_custom_header to the beforeme list. 2008-05-09 15:50:17 +00:00
brectanus
fa3462f48f Add the MODSEC_2.5 define to 2.6 for compatibility. 2008-04-11 20:06:48 +00:00
brectanus
7a1e2db148 Fixed code according to Ivan's review. 2008-02-20 00:41:43 +00:00
brectanus
f428d37680 Cleanup - remove extraneous whitespace and tabs. 2008-02-07 21:45:05 +00:00
brectanus
e2ad283fdb Fix some sprintf formatters so they do not generate warnings. 2008-02-04 21:50:10 +00:00
brectanus
9fb03d277d Fixing code based on review comments... 
Cleaned up what vars are cacheable.
Added parens around "*foo++" where it clarified the operation to be "*(foo++)".
Added " at VARNAME" to operator matches where needed.
Escaped var->name in the var generation (user-supplied data).
Marked a bunch of TODOs as ENHs instead.
Transformed some C++ style comments to C style.
Removed the %0-9 macros code which was commented out.
Optimized some ctl action code so that multiple ifs are else ifs.
Implemented some error messages marked as ENH.
Make commented out acmp debugging a configure-time option.
Cleanup GEO debug log messages.
Added relative filename support for geo dbs.
Added help text to Sec* directives.
 2008-01-18 00:47:30 +00:00