Skip to content

expirevar does not take effect #2200

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Closed
grdey1 opened this issue Nov 13, 2019 · 1 comment
Closed

expirevar does not take effect #2200

grdey1 opened this issue Nov 13, 2019 · 1 comment
Labels
3.x Related to ModSecurity version 3.x

Comments

@grdey1
Copy link

grdey1 commented Nov 13, 2019
edited
Loading

I am using the v3/master code, and I want to test the dos attack rule(REQUEST-912-DOS-PROTECTION.conf).
I found that the dos rule matched OK, but the expirevar action seemed has no effect.
After the ip entered the deny state, it would always in that state.
I use the InMemoryPerProcess class backend(not the lmdb class).

I have checked some issues related to this like #1803, #1778, #1754,
but got only more confused.
I have also checked the whole source code, found nothing about the expirevar related logic(but I can found the logic in the 2.x series).

so anyone can give some me advice? do the v3/master code implemented the expirevar action?

Thanks
@zimmerle zimmerle added the 3.x Related to ModSecurity version 3.x label Nov 19, 2019
@zimmerle
Copy link
Contributor

Closing in favor of #1803.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
3.x Related to ModSecurity version 3.x
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
2 participants
@zimmerle @grdey1