Description
I'd love to see a feature similar to @pmFromFile that counts the number of matches instead of returning a boolean.
I've been using ModSecurity for about a year and I've found that the available operators allow me to achieve most things I can think of fairly gracefully. However, the one operator I feel is missing is something similar to @pmFromFile that returns the number of matches instead of a boolean.
I believe this would make ModSecurity much more useful for dealing with comment spam, particularly when combined with the existing RBL capabilities.
I'm hoping to put a list of keywords in a file and use the number of matches returned by the operator to increment a transaction variable for comment spam. No doubt it would be useful for other things too!
I think the best way to achieve this with the current tools is probably to call a lua script, but I feel like this would probably be less efficient than a built-in operator. I doubt I'm the first person to think of using ModSecurity in this way, so is there any chance we could add this feature?