github_mirrors/ModSecurity
3
0
Fork 1
mirror of https://github.com/owasp-modsecurity/ModSecurity.git synced 2026-01-13 06:57:10 +03:00
Code Issues Packages Projects Releases Wiki Activity

Commit Graph

  • eb6b9274af Redo build system to properly use autotools and avoid compilation with apxs util. b1v1r 2010-04-25 23:24:09 +00:00
  • 972e46825c Add an option to grab the latest release candidate or stable which is intended to be used on dev servers to stage production. b1v1r 2010-04-25 23:17:38 +00:00
  • 98982e2962 Added the SecDisableBackendCompression directive ivanr 2010-03-19 20:00:59 +00:00
  • b784acd316 Merged in 2.5.x changes into trunk. b1v1r 2010-02-14 22:46:42 +00:00
  • 623191bf61 Cleanup mlogc code and debug output. b1v1r 2010-02-14 22:33:53 +00:00
  • 63f60ad8f4 Add ability to use mlogc on Windows (MODSEC-136). b1v1r 2010-02-14 22:33:04 +00:00
  • a29514bdb0 Add README_WINDOWS.TXT from Tom Donovan. b1v1r 2010-02-14 22:32:38 +00:00
  • 658966a433 Remove ability to use relative paths to a piped audit logger. b1v1r 2010-02-14 22:31:59 +00:00
  • cb2a82fa28 Fix memory leak freeing compiled regex (MODSEC-138). b1v1r 2010-02-14 22:31:16 +00:00
  • f925a978ab Update CHANGES ivanr 2010-02-11 20:09:14 +00:00
  • b48fdddf4c Merged changes from 2.5.x to trunk. b1v1r 2010-02-11 17:49:15 +00:00
  • b5392b2f7f Added more documentation for pcre limits. b1v1r 2010-02-11 17:44:10 +00:00
  • 5769afbef3 Use #pragma instead of #warning as it is not portable and treated as an error on Windows. b1v1r 2010-02-11 17:44:02 +00:00
  • 1b74aa52a7 Update versions for next release. b1v1r 2010-02-11 17:43:50 +00:00
  • b8446eb1a5 Tag 2.5.12 for release. v2.5.12 b1v1r 2010-02-05 20:45:11 +00:00
  • 6f548e91f7 Fixed bad merge in CHANGES. b1v1r 2010-02-05 19:11:38 +00:00
  • 08edc0c26f Merge 2.5.x (2.5.12) changes into trunk. b1v1r 2010-02-05 19:05:20 +00:00
  • 6748e04996 Cleanup path nomalization routine and add some further regression tests (MODSEC-123). b1v1r 2010-02-05 18:38:56 +00:00
  • 04fe141c73 Fixed SecUploadFileMode to set the correct mode (MODSEC-129). b1v1r 2010-02-05 18:26:43 +00:00
  • b8509495d9 Fixed nolog,auditlog/noauditlog/nolog controls for disruptive actions (MODSEC-78, MODSEC-130) b1v1r 2010-02-05 18:24:44 +00:00
  • cd730842da Fixed compiles using PCRE pre v6.5 (ie Apache includes 5.0) b1v1r 2010-02-05 18:23:18 +00:00
  • 81105d03c4 Update 2.5.12 release date due to another minor change. b1v1r 2010-02-05 18:22:13 +00:00
  • fa483ce717 Added additional file info definitions introduced in APR 0.9.5 so that we will work with older APRs (IBM HTTP Server v6). b1v1r 2010-02-05 18:21:09 +00:00
  • 967741dbe3 Change version to 2.5.12. b1v1r 2010-02-05 18:19:23 +00:00
  • e4bae30942 Added TX:MSC_* flags to minimal conf file. b1v1r 2010-02-05 18:18:18 +00:00
  • ade2c6bcf5 Cleanup some regression tests. b1v1r 2010-02-05 18:17:18 +00:00
  • 513c87ee45 Added SecUploadFileLimit (MODSEC-116). b1v1r 2010-02-05 18:15:31 +00:00
  • 3fccc35a5a Rewrote path normalization routine (MODSEC-123). b1v1r 2010-02-05 18:14:08 +00:00
  • bc1fa4b15d Fixed doc copy/paste errors and cleanup formatting. b1v1r 2010-02-05 18:13:14 +00:00
  • 4b6f8eabe1 Trim whitespace around phrases used with @pmFromFile and allow for both LF and CRLF terminated lines (MODSEC-126). b1v1r 2010-02-05 18:12:53 +00:00
  • 5fed94b8e6 Code/doc cleanup. b1v1r 2010-02-05 18:12:07 +00:00
  • e6699ca7bf Allow for more robust parsing for multipart header folding. Reported by Sogeti/ESEC R&D (MODSEC-118). Added additional multipart regression tests. b1v1r 2010-02-05 18:11:36 +00:00
  • f33137ea66 Make sure to set variable name length. b1v1r 2010-02-05 18:10:09 +00:00
  • 589274903d Added PCRE limits and studying by default to help alleviate REDoS reported by Sogeti/ESEC R&D (MODSEC-119). b1v1r 2010-02-05 18:09:19 +00:00
  • d66760d09c Fixed memory leak in v1 cookie parser reported by Sogeti/ESEC R&D (MODSEC-121). b1v1r 2010-02-05 18:07:56 +00:00
  • ed11e27e0f Moving performance logging from level 3 to level 4 to prevent it from polluting the error log ivanr 2010-02-04 08:39:26 +00:00
  • 7262e026d2 Now support macro expansion in numeric operators @eq, @ge, @lt, etc. (MODSEC-109). b1v1r 2010-02-03 23:50:38 +00:00
  • bfe41347d2 Update copyright to 2010. b1v1r 2010-02-03 23:50:24 +00:00
  • e0f1608408 Move writing to collections and GC earlier so that the results can be logged. ivanr 2010-02-03 08:59:33 +00:00
  • 0ecfe86c3c Add PERF_GC. ivanr 2010-02-03 08:46:42 +00:00
  • 5448b3fc26 Log the duration of garbage collection at level 3. ivanr 2010-02-03 07:29:54 +00:00
  • 5c4733f1ab Add REQUEST_BODY_LENGTH. ivanr 2010-02-02 13:48:30 +00:00
  • b8837bbfb2 Change the format string from m (already taken) to M. ivanr 2010-02-02 12:45:28 +00:00
  • 4cd09b9daf Revert unneeded changes in r1459. ivanr 2010-02-01 19:10:31 +00:00
  • c24e61ac85 Added missing conditional debug logging. ivanr 2010-02-01 16:14:51 +00:00
  • 9bd9f33594 Run phase 5 prior to mod_log_config. Now for real. ivanr 2010-02-01 14:01:33 +00:00
  • 86407062e4 Do not use 'total' to refer to PERF_COMBINED in the logs. Use 'combined' instead.' ivanr 2010-02-01 12:31:32 +00:00
  • 221af6f5c1 Add PERF_ALL, sepearate PERF_STORAGE into PERF_SREAD and PERF_SWRITE. ivanr 2010-02-01 12:10:28 +00:00
  • bc35ab7e0b Implement variables for access to performance measurements. ivanr 2010-02-01 11:44:32 +00:00
  • a4d5d50be9 Integrate with mod_log_config (MODSEC-108). ivanr 2010-02-01 11:01:17 +00:00
  • 7b56982f26 Implemented a new time-measuring mechanism. Added Stopwatch2. ivanr 2010-02-01 09:42:23 +00:00
  • d259373331 Add DURATION. ivanr 2010-01-27 14:11:33 +00:00
  • 51e7bfcc03 Document phase 5 changes in CHANGES ivanr 2010-01-26 21:59:57 +00:00
  • f740b4f228 Run phase 5 prior to mod_log_config. ivanr 2010-01-26 12:12:14 +00:00
  • ce106df275 Generate error messages when registration fails. Change all examples to use modsecurity.h to avoid the duplication of the optional function declarations. ivanr 2010-01-09 13:54:09 +00:00
  • c60ab6bfda Merged changes from 2.5.x into trunk. b1v1r 2009-12-21 16:38:21 +00:00
  • fdade740d4 Reserve Ivan an ID block. b1v1r 2009-12-21 16:33:27 +00:00
  • c341899b4b Merge in changes from 2.5.x. b1v1r 2009-12-14 19:20:48 +00:00
  • 13d0245b6b Document changes ivanr 2009-12-14 18:49:18 +00:00
  • ea4b75d8b1 Document changes ivanr 2009-12-14 18:48:35 +00:00
  • 34ee235d73 Change SECACTION_TARGETS and SECMARKET_TARGETS to REMOTE_ADDR ivanr 2009-12-13 08:43:56 +00:00
  • d1c38bf029 Change SECACTION_TARGETS and SECMARKET_TARGETS to REMOTE_ADDR ivanr 2009-12-13 08:43:56 +00:00
  • 6d5e752cb3 Added URLENCODED_ERROR, which is raised when invalid URL encoding is encountered ivanr 2009-12-12 14:21:17 +00:00
  • 62f7e68234 Update CHANGES retroactively ivanr 2009-12-12 14:20:22 +00:00
  • 6a29308202 Remove one missed reference to the PDF UXSS filter ivanr 2009-12-09 16:57:10 +00:00
  • aa3b20eccb Optimise the unsetting of the previous data capture variables ivanr 2009-12-07 18:08:41 +00:00
  • 23c3237d1c Added missing log level checks before logging. ivanr 2009-12-07 17:27:39 +00:00
  • 7916942fe3 Remove unused variable ivanr 2009-12-07 11:45:23 +00:00
  • 76583d80fa Added the missing log messages for the ctl action; optimised the existing log messages (MODSEC-99). ivanr 2009-12-04 23:50:51 +00:00
  • 839b7f81e0 Removed the obsolete PDF UXSS functionality (MODSEC-96). ivanr 2009-12-04 23:33:47 +00:00
  • 853b1f9fc8 Convert 'normalise' into 'normalize' throughout, but support the previous version for backward compatibility (MODSEC-103) ivanr 2009-12-04 23:15:44 +00:00
  • 3ca9a03c7e Fix typo in configure.in (MODSEC-101). b1v1r 2009-12-01 16:54:03 +00:00
  • 1fb6f974db Update the documentation referring to phase processing ivanr 2009-11-12 08:23:58 +00:00
  • cb8b76f4ef Process phase 1 in the same Apache hook as phase 2 (MODSEC-98) ivanr 2009-11-07 10:14:40 +00:00
  • 3b12989683 Merge 2.5.x changes into trunk. b1v1r 2009-11-07 00:06:26 +00:00
  • 92e6c81530 Fix CHANGES. b1v1r 2009-11-06 21:47:34 +00:00
  • 1f9bd13efc Fix quoting for demo page. b1v1r 2009-11-06 21:40:54 +00:00
  • b01f8190e4 Merged 2.5.x changes for 2.5.11 into trunk. b1v1r 2009-11-06 18:38:15 +00:00
  • 106eee4720 Tag 2.5.11 for release. v2.5.11 b1v1r 2009-11-06 18:32:45 +00:00
  • efc9d4e68f Fixed parsing quoted strings in multipart Content-Disposition headers (part2). b1v1r 2009-11-05 19:49:30 +00:00
  • d33f656b93 Fixed parsing quoted strings in multipart Content-Disposition headers. b1v1r 2009-11-05 19:36:32 +00:00
  • 92cff5c58e Cleanup persistent locking (MODSEC-97). b1v1r 2009-11-05 01:26:17 +00:00
  • 68b95b3c24 Cleanup mlogc logging and add note recommending against gnutls for SSL/TLS. b1v1r 2009-11-04 06:58:50 +00:00
  • a73da836e2 Do not log output filter errors to the error log (MODSEC-70). b1v1r 2009-11-04 00:12:33 +00:00
  • 76969fea1d Moved output filter to run before other stock filters (MODSEC-89). b1v1r 2009-11-03 23:49:36 +00:00
  • 8fe278e845 Change 'sanitise' to 'sanitize' everywhere, preserving the 'sanitise' action variants for backward compatibility. ivanr 2009-10-29 17:57:18 +00:00
  • 6d83f91b2b More updates to build, removing Apache based build files. b1v1r 2009-10-21 18:32:52 +00:00
  • 9a526c0900 Merge in 2.5.x build changes into trunk. b1v1r 2009-10-21 18:14:14 +00:00
  • b2f8dc1941 Remove some Apache build files that were not required. Fix compiler warning causing CI build server to report errors with older compiler. b1v1r 2009-10-21 18:06:37 +00:00
  • 55f54e17e5 Merge 2.5.x changes into trunk. b1v1r 2009-10-21 17:15:40 +00:00
  • fd23b6486f Added a --disable-errors to configure so that you can still build mlogc without httpd/apxs. b1v1r 2009-10-21 16:31:29 +00:00
  • a1a67592ff Do not log debugging message as a warning (MODSEC-91) ivanr 2009-09-29 10:00:51 +00:00
  • af5c47f513 Do not log debugging message as a warning (MODSEC-91) ivanr 2009-09-29 10:00:51 +00:00
  • b5957cde5e Update document generation. b1v1r 2009-09-25 16:33:37 +00:00
  • c8e5a2dcd6 Add missing autotool generated files. b1v1r 2009-09-24 19:26:57 +00:00
  • a52c4f97bb Tag 2.5.10 for release. v2.5.10 b1v1r 2009-09-24 19:13:34 +00:00
  • 21ecf99dab Merge 2.5.x changes into trunk. b1v1r 2009-09-24 19:11:16 +00:00
  • 9b13fec05e Cleanup apu and lua find macros. b1v1r 2009-09-22 06:41:22 +00:00
  • e39b46e0cc Update Windows Makefile.win for mlogc. b1v1r 2009-09-21 15:40:54 +00:00
  • cb03e372da More updates for Windows - many thanks to apachelounge.com for these. b1v1r 2009-09-20 03:08:45 +00:00