[QuantumNet]

You state in the post I quoted that you dont support

Quote:

1. xml related.
2. pdf related.
3. lua script (we are investigating, may add, but low priority)
4. geo lookup (duplicate with mod_geoip, can use env added by mod_geoip)
5. inspecting response body (still evaluating)
6. executing external script

the wiki states that

Quote:

Not Yet Support Features

scan response header/body.(Note: request header/body are supported)
scan attached files content in multi-part upload
PDF functions
lua
parsing XML

But yet you dont support even the basic core ruleset:
https://www.owasp.org/index.php/Cate...le_Set_Project

it doesnt matter if I disable lua xml or even all of the configuration files except say the basic one:

modsecurity_crs_40_generic_attacks.conf

or
modsecurity_crs_41_xss_attacks.conf

or

modsecurity_crs_41_sql_injection_attacks.conf


None of them work with litespeed even with a single simple ruleset used... much less the 20 rulesets that are part of the core ruleset

so to say you are compatible at all is a lie.