List Info

Thread: false positive for domino webmail
false positive for domino webmail
user name
 2006-11-02 14:05:08 
Thank you for the report.  Can you send me your audit_log
entries for
this false positive?  I'll work on a better exception for
this issue
based on your data.

On Thu, 2006-11-02 at 11:39 +0100, Cristian Manfredini
wrote:
> This rule is a false positive for domino 6.5 webmail in
 N-20060928-01
> version of rules.conf
> 
> #Generic XSS filter
> #please report false positives
> SecFilterSelective REQUEST_URI "!/mt.cgi"
chain
> SecFilter
"<[[:space:]]*(script|about|applet|activex|chrome)*&
gt;.*(script|about|applet|activex|chrome)[[:space:]]*>&qu
ot;
> 
> Other exclusion rules are:
> 
> <LocationMatch "/mail">
> SecFilterRemove 300015
> SecFilterRemove 300016
> </LocationMatch>
> 
-- 
Michael T. Shinn                                   
KeyID:0xDAE2EC86
Key Fingerprint:  1884 E657 A6DF DF1B BFB9 E2C5 DCC6 5297
DAE2 EC86
http://pgp.mit.edu:11371/pks/lookup?op=get&s
earch=0xDAE2EC86
  
Got Root?  http://www.gotroot.com
modsecurity rules: http://www.modsecurit
yrules.com
Troubleshooting Firewalls:  http://troublesho
otingfirewalls.com

_______________________________________________
Modsecurity mailing list
Modsecuritygotroot.com
http://lists.gotroot.com/mailman/listinfo/modsecurity
[1]

about | contact  Other archives ( Real Estate discussion Medical topics )