Projects/OWASP ModSecurity Core Rule Set Project/Releases/ModSecurity 2.1.2

From OWASP
Revision as of 15:43, 15 March 2011 by Paulo Coimbra (Talk | contribs)

Jump to: navigation, search

back to project home page

what is this release?
ModSecurity 2.1.2 - 02/17/2011 - (download)
Release Description:
  • Improvements:

- Added experimental real-time application profiling ruleset. - Added experimental Lua script for profiling the # of page scripts, iframes, etc.. which will help to identify successful XSS attacks and planting of malware links. - Added new CSRF detection rule which will trigger if a subsequent request comes too quickly (need to use the Ignore Static Content rules).

  • Bug Fixes:

- Added missing " in the skipAfter SecAction in the CC Detection rule set

Release License: GNU General Public License - Version 2.0
who worked on this release?
Release Leader(s):
how can you learn more?
Release Notes: View
Release Rating: Yellow button.JPG Not Reviewed - Assessment Details
Key Contacts
  • Contact the GPC to report a problem or concern about this release info or to update information.