HEX
Server: Apache
System: Linux dinesh8189 5.15.98-grsec-sharedvalley-2.lc.el8.x86_64 #1 SMP Thu Mar 9 09:07:30 -03 2023 x86_64
User: cgmgerenciamento1 (814285)
PHP: 8.1.26
Disabled: apache_child_terminate,dl,escapeshellarg,escapeshellcmd,exec,link,mail,openlog,passthru,pcntl_alarm,pcntl_exec,pcntl_fork,pcntl_get_last_error,pcntl_getpriority,pcntl_setpriority,pcntl_signal,pcntl_signal_dispatch,pcntl_sigprocmask,pcntl_sigtimedwait,pcntl_sigwaitinfo,pcntl_strerror,pcntl_wait,pcntl_waitpid,pcntl_wexitstatus,pcntl_wifexited,pcntl_wifsignaled,pcntl_wifstopped,pcntl_wstopsig,pcntl_wtermsig,php_check_syntax,php_strip_whitespace,popen,proc_close,proc_open,shell_exec,symlink,system
$ pwd: /usr/local/modsecurity-crs/.github/ISSUE_TEMPLATE/
Upload Files
File: //usr/local/modsecurity-crs/.github/ISSUE_TEMPLATE/new_issue.yaml
name: New Issue
description: Report something that doesn't fit in any other category
labels:
  - ":question: question"
body:
  - type: markdown
    attributes:
      value: |
        Please do not open issues for help and support running Coraza, ModSecurity or the OWASP CRS. Instead, use one of the following channels to reach our project:
          * https://security.stackexchange.com/questions/tagged/owasp-crs
          * https://x.com/coreruleset
          * https://groups.google.com/a/owasp.org/g/modsecurity-core-rule-set-project
          * https://owasp.org/slack/invite (-> Channel #coreruleset)
  - type: textarea
    id: description
    attributes:
      label: Description
      description: We want to be able to understand and to reproduce your problem. Please describe it here in detail. It is safest if you assume we know nothing about your service or software.
      placeholder: Provide a detailed description of the issue
    validations:
      required: true
  - type: textarea
    id: reproduce
    attributes:
      label: How to reproduce the misbehavior (-> curl call)
      description: |
        It is easiest for us, if you submit a curl request that triggers your problem. If you can not do this, then please skip this section but be sure to fill out the next one in detail.

        Please test your curl call against the CRS Sandbox before submitting.
        https://coreruleset.org/docs/development/sandbox/
      placeholder: Provide the curl call
      render: bash
  - type: textarea
    id: logs
    attributes:
      label: Logs
      description: |
        Feel free to skip this section if you provided a curl call above.

        Ideally, you provide a full audit log of the request, relevant infos out of the error log or at least a screenshot where we can see the payload so we can reproduce the behavior.

        Usually, you find the logs at a location like /var/log/modsec_audit.log. When using a CDN or cloud server, the naming of the logs and their location depends on the provider. Please refer to their documentation.

        If you cannot submit neither a curl call nor log files nor a payload to reproduce the behavior, then there is literally nothing we can do for you. Please help us by providing the information we need to help you.
      placeholder: Provide the logs or relevant information
  - type: textarea
    id: environment
    attributes:
      label: Your Environment
      description: Please provide all relevant information about your environment.
      placeholder: |
        * CRS version (e.g., v3.3.4):
        * Paranoia level setting (e.g. PL1):
        * ModSecurity version (e.g., 2.9.6):
        * Web Server and version or cloud provider / CDN (e.g., Apache httpd 2.4.54):
        * Operating System and version:
    validations:
      required: true
  - type: checkboxes
    id: confirmation
    attributes:
      label: Confirmation
      description: |
        Please confirm the following:
      options:
        - label: I have removed any personal data (email addresses, IP addresses, passwords, domain names) from any logs posted.
          required: true
@ Telegram