pushing to v3.0.2

CHANGES

@@ -5,6 +5,10 @@
   or the CRS mailinglist at
 * https://lists.owasp.org/mailman/listinfo/owasp-modsecurity-core-rule-set
 
+== Version 3.0.2 - 5/FIXME/2017 ==
+
+ * Remove debug rule that popped up in 3.0.1 (Christian Folini)
+
 == Version 3.0.1 - 5/9/2017 ==
 
  * SECURITY: Removed insecure handling of X-Forwarded-For header;

crs-setup.conf.example

@@ -1,5 +1,5 @@
 # ------------------------------------------------------------------------
-# OWASP ModSecurity Core Rule Set ver.3.0.1
+# OWASP ModSecurity Core Rule Set ver.3.0.2
 # Copyright (c) 2006-2016 Trustwave and contributors. All rights reserved.
 #
 # The OWASP ModSecurity Core Rule Set is distributed under
@@ -771,4 +771,4 @@ SecAction \
   nolog,\
   pass,\
   t:none,\
-  setvar:tx.crs_setup_version=301"
+  setvar:tx.crs_setup_version=302"

rules/REQUEST-900-EXCLUSION-RULES-BEFORE-CRS.conf.example

@@ -1,5 +1,5 @@
 # ------------------------------------------------------------------------
-# OWASP ModSecurity Core Rule Set ver.3.0.0
+# OWASP ModSecurity Core Rule Set ver.3.0.2
 # Copyright (c) 2006-2016 Trustwave and contributors. All rights reserved.
 #
 # The OWASP ModSecurity Core Rule Set is distributed under

rules/REQUEST-901-INITIALIZATION.conf

@@ -1,5 +1,5 @@
 # ------------------------------------------------------------------------
-# OWASP ModSecurity Core Rule Set ver.3.0.1
+# OWASP ModSecurity Core Rule Set ver.3.0.2
 # Copyright (c) 2006-2016 Trustwave and contributors. All rights reserved.
 #
 # The OWASP ModSecurity Core Rule Set is distributed under
@@ -25,8 +25,7 @@
 #
 # Ref: https://github.com/SpiderLabs/ModSecurity/wiki/Reference-Manual#wiki-SecComponentSignature
 #
-SecComponentSignature "OWASP_CRS/3.0.1"
-
+SecComponentSignature "OWASP_CRS/3.0.2"
 
 #
 # -=[ Default setup values ]=-

rules/REQUEST-903.9001-DRUPAL-EXCLUSION-RULES.conf

@@ -1,5 +1,5 @@
 # ------------------------------------------------------------------------
-# OWASP ModSecurity Core Rule Set ver.3.0.0
+# OWASP ModSecurity Core Rule Set ver.3.0.2
 # Copyright (c) 2006-2016 Trustwave and contributors. All rights reserved.
 #
 # The OWASP ModSecurity Core Rule Set is distributed under

rules/REQUEST-903.9002-WORDPRESS-EXCLUSION-RULES.conf

@@ -1,5 +1,5 @@
 # ------------------------------------------------------------------------
-# OWASP ModSecurity Core Rule Set ver.3.0.0
+# OWASP ModSecurity Core Rule Set ver.3.0.2
 # Copyright (c) 2006-2016 Trustwave and contributors. All rights reserved.
 #
 # The OWASP ModSecurity Core Rule Set is distributed under

rules/REQUEST-905-COMMON-EXCEPTIONS.conf

@@ -1,5 +1,5 @@
 # ------------------------------------------------------------------------
-# OWASP ModSecurity Core Rule Set ver.3.0.0
+# OWASP ModSecurity Core Rule Set ver.3.0.2
 # Copyright (c) 2006-2016 Trustwave and contributors. All rights reserved.
 #
 # The OWASP ModSecurity Core Rule Set is distributed under

rules/REQUEST-910-IP-REPUTATION.conf

@@ -1,5 +1,5 @@
 # ------------------------------------------------------------------------
-# OWASP ModSecurity Core Rule Set ver.3.0.0
+# OWASP ModSecurity Core Rule Set ver.3.0.2
 # Copyright (c) 2006-2016 Trustwave and contributors. All rights reserved.
 #
 # The OWASP ModSecurity Core Rule Set is distributed under

rules/REQUEST-911-METHOD-ENFORCEMENT.conf

@@ -1,5 +1,5 @@
 # ------------------------------------------------------------------------
-# OWASP ModSecurity Core Rule Set ver.3.0.0
+# OWASP ModSecurity Core Rule Set ver.3.0.2
 # Copyright (c) 2006-2016 Trustwave and contributors. All rights reserved.
 #
 # The OWASP ModSecurity Core Rule Set is distributed under

rules/REQUEST-912-DOS-PROTECTION.conf

@@ -1,5 +1,5 @@
 # ------------------------------------------------------------------------
-# OWASP ModSecurity Core Rule Set ver.3.0.0
+# OWASP ModSecurity Core Rule Set ver.3.0.2
 # Copyright (c) 2006-2016 Trustwave and contributors. All rights reserved.
 #
 # The OWASP ModSecurity Core Rule Set is distributed under

rules/REQUEST-913-SCANNER-DETECTION.conf

@@ -1,5 +1,5 @@
 # ------------------------------------------------------------------------
-# OWASP ModSecurity Core Rule Set ver.3.0.0
+# OWASP ModSecurity Core Rule Set ver.3.0.2
 # Copyright (c) 2006-2016 Trustwave and contributors. All rights reserved.
 #
 # The OWASP ModSecurity Core Rule Set is distributed under

rules/REQUEST-920-PROTOCOL-ENFORCEMENT.conf

@@ -1,5 +1,5 @@
 # ------------------------------------------------------------------------
-# OWASP ModSecurity Core Rule Set ver.3.0.0
+# OWASP ModSecurity Core Rule Set ver.3.0.2
 # Copyright (c) 2006-2016 Trustwave and contributors. All rights reserved.
 #
 # The OWASP ModSecurity Core Rule Set is distributed under
@@ -497,7 +497,6 @@ SecRule TX:CRS_VALIDATE_UTF8_ENCODING "@eq 1" \
 # https://www.checkpoint.com/defense/advisories/public/2007/cpai-2007-201.html
 # https://github.com/SpiderLabs/owasp-modsecurity-crs/issues/719
 #
-SecRule REQUEST_URI "(.*)" "msg:'got %{tx.0}',id:22,capture"
 SecRule REQUEST_URI|REQUEST_BODY "\%u[fF]{2}[0-9a-fA-F]{2}" \
   "msg:'Unicode Full/Half Width Abuse Attack Attempt',\
    id:920260,\

rules/REQUEST-921-PROTOCOL-ATTACK.conf

@@ -1,5 +1,5 @@
 # ------------------------------------------------------------------------
-# OWASP ModSecurity Core Rule Set ver.3.0.0
+# OWASP ModSecurity Core Rule Set ver.3.0.2
 # Copyright (c) 2006-2016 Trustwave and contributors. All rights reserved.
 #
 # The OWASP ModSecurity Core Rule Set is distributed under

rules/REQUEST-930-APPLICATION-ATTACK-LFI.conf

@@ -1,5 +1,5 @@
 # ------------------------------------------------------------------------
-# OWASP ModSecurity Core Rule Set ver.3.0.0
+# OWASP ModSecurity Core Rule Set ver.3.0.2
 # Copyright (c) 2006-2016 Trustwave and contributors. All rights reserved.
 #
 # The OWASP ModSecurity Core Rule Set is distributed under

rules/REQUEST-931-APPLICATION-ATTACK-RFI.conf

@@ -1,5 +1,5 @@
 # ------------------------------------------------------------------------
-# OWASP ModSecurity Core Rule Set ver.3.0.0
+# OWASP ModSecurity Core Rule Set ver.3.0.2
 # Copyright (c) 2006-2016 Trustwave and contributors. All rights reserved.
 #
 # The OWASP ModSecurity Core Rule Set is distributed under

rules/REQUEST-932-APPLICATION-ATTACK-RCE.conf

@@ -1,5 +1,5 @@
 # ------------------------------------------------------------------------
-# OWASP ModSecurity Core Rule Set ver.3.0.0
+# OWASP ModSecurity Core Rule Set ver.3.0.2
 # Copyright (c) 2006-2016 Trustwave and contributors. All rights reserved.
 #
 # The OWASP ModSecurity Core Rule Set is distributed under

rules/REQUEST-933-APPLICATION-ATTACK-PHP.conf

@@ -1,5 +1,5 @@
 # ------------------------------------------------------------------------
-# OWASP ModSecurity Core Rule Set ver.3.0.0
+# OWASP ModSecurity Core Rule Set ver.3.0.2
 # Copyright (c) 2006-2016 Trustwave and contributors. All rights reserved.
 #
 # The OWASP ModSecurity Core Rule Set is distributed under

rules/REQUEST-941-APPLICATION-ATTACK-XSS.conf

@@ -1,5 +1,5 @@
 # ------------------------------------------------------------------------
-# OWASP ModSecurity Core Rule Set ver.3.0.0
+# OWASP ModSecurity Core Rule Set ver.3.0.2
 # Copyright (c) 2006-2016 Trustwave and contributors. All rights reserved.
 #
 # The OWASP ModSecurity Core Rule Set is distributed under

rules/REQUEST-942-APPLICATION-ATTACK-SQLI.conf

@@ -1,5 +1,5 @@
 # ------------------------------------------------------------------------
-# OWASP ModSecurity Core Rule Set ver.3.0.0
+# OWASP ModSecurity Core Rule Set ver.3.0.2
 # Copyright (c) 2006-2016 Trustwave and contributors. All rights reserved.
 #
 # The OWASP ModSecurity Core Rule Set is distributed under

rules/REQUEST-943-APPLICATION-ATTACK-SESSION-FIXATION.conf

@@ -1,5 +1,5 @@
 # ------------------------------------------------------------------------
-# OWASP ModSecurity Core Rule Set ver.3.0.0
+# OWASP ModSecurity Core Rule Set ver.3.0.2
 # Copyright (c) 2006-2016 Trustwave and contributors. All rights reserved.
 #
 # The OWASP ModSecurity Core Rule Set is distributed under

rules/REQUEST-949-BLOCKING-EVALUATION.conf

@@ -1,5 +1,5 @@
 # ------------------------------------------------------------------------
-# OWASP ModSecurity Core Rule Set ver.3.0.0
+# OWASP ModSecurity Core Rule Set ver.3.0.2
 # Copyright (c) 2006-2016 Trustwave and contributors. All rights reserved.
 #
 # The OWASP ModSecurity Core Rule Set is distributed under

rules/RESPONSE-950-DATA-LEAKAGES.conf

@@ -1,5 +1,5 @@
 # ------------------------------------------------------------------------
-# OWASP ModSecurity Core Rule Set ver.3.0.0
+# OWASP ModSecurity Core Rule Set ver.3.0.2
 # Copyright (c) 2006-2016 Trustwave and contributors. All rights reserved.
 #
 # The OWASP ModSecurity Core Rule Set is distributed under

rules/RESPONSE-951-DATA-LEAKAGES-SQL.conf

@@ -1,5 +1,5 @@
 # ------------------------------------------------------------------------
-# OWASP ModSecurity Core Rule Set ver.3.0.0
+# OWASP ModSecurity Core Rule Set ver.3.0.2
 # Copyright (c) 2006-2016 Trustwave and contributors. All rights reserved.
 #
 # The OWASP ModSecurity Core Rule Set is distributed under

rules/RESPONSE-952-DATA-LEAKAGES-JAVA.conf

@@ -1,5 +1,5 @@
 # ------------------------------------------------------------------------
-# OWASP ModSecurity Core Rule Set ver.3.0.0
+# OWASP ModSecurity Core Rule Set ver.3.0.2
 # Copyright (c) 2006-2016 Trustwave and contributors. All rights reserved.
 #
 # The OWASP ModSecurity Core Rule Set is distributed under

rules/RESPONSE-953-DATA-LEAKAGES-PHP.conf

@@ -1,5 +1,5 @@
 # ------------------------------------------------------------------------
-# OWASP ModSecurity Core Rule Set ver.3.0.0
+# OWASP ModSecurity Core Rule Set ver.3.0.2
 # Copyright (c) 2006-2016 Trustwave and contributors. All rights reserved.
 #
 # The OWASP ModSecurity Core Rule Set is distributed under

rules/RESPONSE-954-DATA-LEAKAGES-IIS.conf

@@ -1,5 +1,5 @@
 # ------------------------------------------------------------------------
-# OWASP ModSecurity Core Rule Set ver.3.0.0
+# OWASP ModSecurity Core Rule Set ver.3.0.2
 # Copyright (c) 2006-2016 Trustwave and contributors. All rights reserved.
 #
 # The OWASP ModSecurity Core Rule Set is distributed under

rules/RESPONSE-959-BLOCKING-EVALUATION.conf

@@ -1,5 +1,5 @@
 # ------------------------------------------------------------------------
-# OWASP ModSecurity Core Rule Set ver.3.0.0
+# OWASP ModSecurity Core Rule Set ver.3.0.2
 # Copyright (c) 2006-2016 Trustwave and contributors. All rights reserved.
 #
 # The OWASP ModSecurity Core Rule Set is distributed under

rules/RESPONSE-980-CORRELATION.conf

@@ -1,5 +1,5 @@
 # ------------------------------------------------------------------------
-# OWASP ModSecurity Core Rule Set ver.3.0.0
+# OWASP ModSecurity Core Rule Set ver.3.0.2
 # Copyright (c) 2006-2016 Trustwave and contributors. All rights reserved.
 #
 # The OWASP ModSecurity Core Rule Set is distributed under

rules/RESPONSE-999-EXCLUSION-RULES-AFTER-CRS.conf.example

@@ -1,5 +1,5 @@
 # ------------------------------------------------------------------------
-# OWASP ModSecurity Core Rule Set ver.3.0.0
+# OWASP ModSecurity Core Rule Set ver.3.0.2
 # Copyright (c) 2006-2016 Trustwave and contributors. All rights reserved.
 #
 # The OWASP ModSecurity Core Rule Set is distributed under