Closed
Description
I use the ruleset on mod_security IIS. I just tried to upload the latest ruleset to our web server and Windows Defender flagged the file RESPONSE-955-WEB-SHELLS.conf as containing Backdoor:PHP/Dirtelti.MTJ.
I scanned the file with Sophos locally before uploading and it did not alert. I've subsequently run the file through A number of vendors and the only one alerting is Microsoft. Are to able to confirm this is a false positive.
For now I'll continue to run V3.3.5.
Thanks
Metadata
Metadata
Assignees
Labels
No labels