
03-29-2009, 06:07 AM
Senior Member
Join Date: Jul 2008
Posts: 147
I totally agree with yolte.
However, it may decrease performance, but it's a trade-off between security and performance.
It can be disabled by default and could be turned on at our own risk.
Quote:
Originally Posted by yolte
I think we have to protect customers' web sites who don't have enough information about script security?
Can you give me examples of which rules protect from PHP shells? (e.g. r57, c99)
c99 PHP shells can be detected by some tricks because they use common GET args, but r57 is more tricky and couldn't be detected without a response body check.
All PHP shells are based on malicious functions such as exec, shell_exec, system, etc., but we can catch local attackers with a response body check.
Hope it will be implemented in the future.
Last edited by IrPr; 03-29-2009 at 06:17 AM..