Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Load modsecurity config with OWASP core rules #4080

Merged
merged 1 commit into from
May 14, 2019
Merged

Load modsecurity config with OWASP core rules #4080

merged 1 commit into from
May 14, 2019

Conversation

MRoci
Copy link
Contributor

@MRoci MRoci commented May 13, 2019
edited
Loading

What this PR does / why we need it:
As stated in OWASP-CRS documentation, The CRS assumes that modsecurity.conf has been loaded.
So it doesn't configure the main ModSecurity settings .
Currently loading the owasp-crs is an if-else statement with the default config.
This causes a suppression of audit logs when enable-owasp-modsecurity-crs: "true"

Which issue this PR fixes (optional, in fixes #<issue number>(, fixes #<issue_number>, ...) format, will close that issue when PR gets merged):
fixes #3585

@k8s-ci-robot k8s-ci-robot added cncf-cla: yes Indicates the PR's author has signed the CNCF CLA. size/XS Denotes a PR that changes 0-9 lines, ignoring generated files. labels May 13, 2019
@aledbf
Copy link
Member

aledbf commented May 14, 2019

/lgtm
/approve

@k8s-ci-robot k8s-ci-robot added the lgtm "Looks good to me", indicates that a PR is ready to be merged. label May 14, 2019
@aledbf
Copy link
Member

aledbf commented May 14, 2019

@MRoci thanks!

@k8s-ci-robot
Copy link
Contributor

[APPROVALNOTIFIER] This PR is APPROVED

This pull-request has been approved by: aledbf, MRoci

The full list of commands accepted by this bot can be found here.

The pull request process is described here

Needs approval from an approver in each of these files:

Approvers can indicate their approval by writing /approve in a comment
Approvers can cancel approval by writing /approve cancel in a comment

@k8s-ci-robot k8s-ci-robot added the approved Indicates a PR has been approved by an approver from all required OWNERS files. label May 14, 2019
@k8s-ci-robot k8s-ci-robot merged commit 182b282 into kubernetes:master May 14, 2019
@zetaab zetaab mentioned this pull request Jan 29, 2020
Closed
@zetaab
Copy link
Member

zetaab commented Jan 29, 2020

@aledbf @MRoci I think this change is breaking things in modsecurity. It is impossible to set SecRuleEngine On after this change. Please see details in #4385 (comment)

Could you please revert this change or make it work, thanks!

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@aledbf aledbf Awaiting requested review from aledbf

@ElvinEfendi ElvinEfendi Awaiting requested review from ElvinEfendi

Assignees

@aledbf aledbf

Labels
approved Indicates a PR has been approved by an approver from all required OWNERS files. cncf-cla: yes Indicates the PR's author has signed the CNCF CLA. lgtm "Looks good to me", indicates that a PR is ready to be merged. size/XS Denotes a PR that changes 0-9 lines, ignoring generated files.
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.

Enabling OWASP CRS suppresses audit logs in 0.21.0
4 participants
@MRoci @aledbf @k8s-ci-robot @zetaab