mirror of
https://github.com/owasp-modsecurity/ModSecurity.git
synced 2025-09-29 19:24:29 +03:00
iis: New improvements on the Wix installer
- Now the installation is divided in modules: ModSecurity and CRS. - Added default configuration - Configuration was moved to "Program Files" folder - Build_msi script now using candle available in %PATH%
This commit is contained in:
Felipe \"Zimmerle\" Costa
committed by
Felipe Zimmerle
Felipe Zimmerle
parent
1a12648c9f
commit
2ea5a74a7b
@@ -1,19 +1,20 @@
|
|||||||
|
|
||||||
set WIX=C:\Program Files (x86)\WiX Toolset v3.7\bin
|
|
||||||
|
set PATH="%PATH%;C:\Program Files (x86)\WiX Toolset v3.8\bin;C:\Program Files (x86)\WiX Toolset v3.7\bin;"
|
||||||
set CURRENT_DIR=%cd%
|
set CURRENT_DIR=%cd%
|
||||||
|
|
||||||
del installer.wix*
|
del installer.wix*
|
||||||
|
|
||||||
"%WIX%\candle.exe" -ext WixUtilExtension -ext WixUIExtension "%CURRENT_DIR%\installer.wxs" -out "%CURRENT_DIR%\installer.wixobj" -dPlatform="x64"
|
"candle.exe" -ext WixUtilExtension -ext WixUIExtension "%CURRENT_DIR%\installer.wxs" -out "%CURRENT_DIR%\installer.wixobj" -dPlatform="x64"
|
||||||
@if NOT (%ERRORLEVEL%) == (0) goto build_failed
|
@if NOT (%ERRORLEVEL%) == (0) goto build_failed
|
||||||
|
|
||||||
"%WIX%\light.exe" -ext WixUtilExtension -ext WixUIExtension "%CURRENT_DIR%\installer.wixobj" -out "%CURRENT_DIR%\installer-64.msi" -dPlatform="x64"
|
"light.exe" -ext WixUtilExtension -ext WixUIExtension "%CURRENT_DIR%\installer.wixobj" -out "%CURRENT_DIR%\installer-64.msi" -dPlatform="x64"
|
||||||
@if NOT (%ERRORLEVEL%) == (0) goto build_failed
|
@if NOT (%ERRORLEVEL%) == (0) goto build_failed
|
||||||
|
|
||||||
"%WIX%\candle.exe" -ext WixUtilExtension -ext WixUIExtension "%CURRENT_DIR%\installer.wxs" -out "%CURRENT_DIR%\installer.wixobj" -dPlatform="x86"
|
"candle.exe" -ext WixUtilExtension -ext WixUIExtension "%CURRENT_DIR%\installer.wxs" -out "%CURRENT_DIR%\installer.wixobj" -dPlatform="x86"
|
||||||
@if NOT (%ERRORLEVEL%) == (0) goto build_failed
|
@if NOT (%ERRORLEVEL%) == (0) goto build_failed
|
||||||
|
|
||||||
"%WIX%\light.exe" -ext WixUtilExtension -ext WixUIExtension "%CURRENT_DIR%\installer.wixobj" -out "%CURRENT_DIR%\installer-32.msi" -dPlatform="x86"
|
"light.exe" -ext WixUtilExtension -ext WixUIExtension "%CURRENT_DIR%\installer.wixobj" -out "%CURRENT_DIR%\installer-32.msi" -dPlatform="x86"
|
||||||
@if NOT (%ERRORLEVEL%) == (0) goto build_failed
|
@if NOT (%ERRORLEVEL%) == (0) goto build_failed
|
||||||
|
|
||||||
exit /B 0
|
exit /B 0
|
||||||
|
|||||||
@@ -1,4 +1,4 @@
|
|||||||
<?xml version="1.0" encoding="UTF-8"?>
|
<?xml version="1.0" encoding="utf-8"?>
|
||||||
<!--
|
<!--
|
||||||
# This comment is generated by WixEdit, the specific commandline
|
# This comment is generated by WixEdit, the specific commandline
|
||||||
# arguments for the WiX Toolset are stored here.
|
# arguments for the WiX Toolset are stored here.
|
||||||
@@ -6,25 +6,22 @@
|
|||||||
candleArgs: -nologo "<projectfile>" -out "<projectname>.wixobj" -ext WixUtilExtension -ext WixUIExtension -dPlatform="x64"
|
candleArgs: -nologo "<projectfile>" -out "<projectname>.wixobj" -ext WixUtilExtension -ext WixUIExtension -dPlatform="x64"
|
||||||
lightArgs:
|
lightArgs:
|
||||||
-->
|
-->
|
||||||
<Wix xmlns="http://schemas.microsoft.com/wix/2006/wi" xmlns:iis="http://schemas.microsoft.com/wix/IIsExtension" xmlns:util="http://schemas.microsoft.com/wix/UtilExtension">
|
<Wix xmlns="http://schemas.microsoft.com/wix/2006/wi" xmlns:util="http://schemas.microsoft.com/wix/UtilExtension">
|
||||||
<Product Id="22B04FDB-9BAB-46B0-87B8-A39544ECECD3" Name="ModSecurity IIS" Language="1033" Version="2.7.6" Manufacturer="ModSecurity" UpgradeCode="82F09489-1678-4C38-ADCB-08C3757653DB">
|
<Product Id="22B04FDB-9BAB-46B0-87B8-A39544ECECD3" Name="ModSecurity IIS" Language="1033" Version="2.7.6" Manufacturer="ModSecurity" UpgradeCode="82F09489-1678-4C38-ADCB-08C3757653DB">
|
||||||
<Package Description="ModSecurityISS" Comments="none" InstallerVersion="200" Compressed="yes" InstallPrivileges="elevated" InstallScope="perMachine" Platform="$(var.Platform)" />
|
<Package Description="ModSecurityISS" Comments="none" InstallerVersion="200" Compressed="yes" InstallPrivileges="elevated" InstallScope="perMachine" Platform="$(var.Platform)" />
|
||||||
|
|
||||||
<?if $(var.Platform) = x64 ?>
|
<?if $(var.Platform) = x64 ?>
|
||||||
<?define ProductName = "ModSecuirty IIS (64 bit)" ?>
|
<?define ProductName = "ModSecuirty IIS (64 bit)" ?>
|
||||||
<?define Win64 = "yes" ?>
|
<?define Win64 = "yes" ?>
|
||||||
<!--<?define PlatformProgramFilesFolder = "ProgramFiles64Folder" ?>-->
|
<!--<?define PlatformProgramFilesFolder = "ProgramFiles64Folder" ?>-->
|
||||||
<?define PlatformProgramFilesFolder = "ProgramFilesFolder" ?>
|
<?define PlatformProgramFilesFolder = "ProgramFilesFolder" ?>
|
||||||
<?else?>
|
<?else ?>
|
||||||
<?define ProductName = "ModSecuirty IIS" ?>
|
<?define ProductName = "ModSecuirty IIS" ?>
|
||||||
<?define Win64 = "no" ?>
|
<?define Win64 = "no" ?>
|
||||||
<?define PlatformProgramFilesFolder = "ProgramFilesFolder" ?>
|
<?define PlatformProgramFilesFolder = "ProgramFilesFolder" ?>
|
||||||
<?endif?>
|
<?endif ?>
|
||||||
|
|
||||||
<Property Id="IIS">
|
<Property Id="IIS">
|
||||||
<RegistrySearch Id="IISInstalledVersion" Root="HKLM" Key="SOFTWARE\Microsoft\InetStp" Type="raw" Name="MajorVersion" />
|
<RegistrySearch Id="IISInstalledVersion" Root="HKLM" Key="SOFTWARE\Microsoft\InetStp" Type="raw" Name="MajorVersion" />
|
||||||
</Property>
|
</Property>
|
||||||
|
|
||||||
<Property Id="FILEEXISTS" Secure="yes">
|
<Property Id="FILEEXISTS" Secure="yes">
|
||||||
<DirectorySearch Id="CheckFileDir1" Path="C:\Windows\System32\inetsrv" Depth="0">
|
<DirectorySearch Id="CheckFileDir1" Path="C:\Windows\System32\inetsrv" Depth="0">
|
||||||
<FileSearch Id="CheckFile1" Name="ModSecurityIIS.dll" />
|
<FileSearch Id="CheckFile1" Name="ModSecurityIIS.dll" />
|
||||||
@@ -81,19 +78,14 @@
|
|||||||
<FileSearch Id="CheckFile18" Name="zlib1.dll" />
|
<FileSearch Id="CheckFile18" Name="zlib1.dll" />
|
||||||
</DirectorySearch>
|
</DirectorySearch>
|
||||||
</Property>
|
</Property>
|
||||||
|
|
||||||
<Property Id="WWWROOT">
|
<Property Id="WWWROOT">
|
||||||
<RegistrySearch Id="FindInetPubFolder" Root="HKLM" Key="SOFTWARE\Microsoft\InetStp" Name="PathWWWRoot" Type="directory" />
|
<RegistrySearch Id="FindInetPubFolder" Root="HKLM" Key="SOFTWARE\Microsoft\InetStp" Name="PathWWWRoot" Type="directory" />
|
||||||
</Property>
|
</Property>
|
||||||
|
|
||||||
<Property Id="MSIUSEREALADMINDETECTION" Value="1" />
|
<Property Id="MSIUSEREALADMINDETECTION" Value="1" />
|
||||||
|
|
||||||
<Condition Message="This setup requires IIS 6.0, 7.0 or 8.0 is installed."><![CDATA[(IIS="#7") OR (IIS="#6") OR (IIS="#8")]]></Condition>
|
<Condition Message="This setup requires IIS 6.0, 7.0 or 8.0 is installed."><![CDATA[(IIS="#7") OR (IIS="#6") OR (IIS="#8")]]></Condition>
|
||||||
<!-- Version 2.7.6 had an uninstall issue that leaves some files behind. Asking the user to manually hash this out. -->
|
<!-- Version 2.7.6 had an uninstall issue that leaves some files behind. Asking the user to manually hash this out. -->
|
||||||
<Condition Message="A older version of ModSecurityIIS was found in your computer. Please complete uninstall by removing the following file: [FILEEXISTS]. You may have to remove ModSecurity module from IIS, use the IIS Manager to do so."><![CDATA[(NOT FILEEXISTS) OR (Installed)]]></Condition>
|
<Condition Message="A older version of ModSecurityIIS was found in your computer. Please complete uninstall by removing the following file: [FILEEXISTS]. You may have to remove ModSecurity module from IIS, use the IIS Manager to do so."><![CDATA[(NOT FILEEXISTS) OR (Installed)]]></Condition>
|
||||||
|
<!--
|
||||||
|
|
||||||
<!--
|
|
||||||
Won't necessary. We can install 32bits stuff in a 64 machine. If IIS is proper
|
Won't necessary. We can install 32bits stuff in a 64 machine. If IIS is proper
|
||||||
configured it will work like a charm.
|
configured it will work like a charm.
|
||||||
|
|
||||||
@@ -105,538 +97,397 @@
|
|||||||
<?endif?>
|
<?endif?>
|
||||||
</Condition>
|
</Condition>
|
||||||
-->
|
-->
|
||||||
|
|
||||||
<Media Id="1" Cabinet="simple.cab" EmbedCab="yes" />
|
<Media Id="1" Cabinet="simple.cab" EmbedCab="yes" />
|
||||||
<Directory Id="TARGETDIR" Name="SourceDir">
|
<Directory Id="TARGETDIR" Name="SourceDir">
|
||||||
<Directory Id="SystemFolder" Name="SystemFolder">
|
<Directory Id="SystemFolder" Name="SystemFolder">
|
||||||
<Directory Id="inetsrv" Name="inetsrv" />
|
<Directory Id="inetsrv" Name="inetsrv"/>
|
||||||
</Directory>
|
</Directory>
|
||||||
<Directory Id="$(var.PlatformProgramFilesFolder)">
|
<Directory Id="$(var.PlatformProgramFilesFolder)">
|
||||||
<Directory Id="INSTALLFOLDER" Name="ModSecurity IIS" />
|
<Directory Id="INSTALLFOLDER" Name="ModSecurity IIS">
|
||||||
</Directory>
|
<!-- </Directory>
|
||||||
<Directory Id="WWWROOT" Name="[WWWROOT]">
|
<Directory Id="WWWROOT" Name="[WWWROOT]"> -->
|
||||||
<Directory Id="OWASP_CRS" Name="owasp_crs">
|
<Directory Id="OWASP_CRS" Name="owasp_crs">
|
||||||
<Component Id="_.GITIGNORE" DiskId="1" Guid="56746371-02B2-4B32-BDE5-B919E94564D6">
|
<Component Id="_.GITIGNORE" DiskId="1" Guid="64629082-F6A2-4675-9E3E-4EA363CD6502">
|
||||||
<File Id="_.GITIGNORE" Name=".gitignore" Source="release\owasp_crs\.gitignore" />
|
<File Id="_.GITIGNORE" Name=".gitignore" Source="release\owasp_crs\.gitignore" />
|
||||||
</Component>
|
</Component>
|
||||||
<Component Id="CHANGELOG" DiskId="1" Guid="0BBA3368-ABAA-4ADA-8A7E-D2E5CBF7CDF3">
|
<Component Id="CHANGES" DiskId="1" Guid="F392B5B3-5703-4FB8-9578-BBF7454DA7DA">
|
||||||
<File Id="CHANGELOG" Name="CHANGELOG" Source="release\owasp_crs\CHANGELOG" />
|
<File Id="CHANGES" Name="CHANGES" Source="release\owasp_crs\CHANGES" />
|
||||||
</Component>
|
</Component>
|
||||||
<Component Id="ID_RANGE" DiskId="1" Guid="BD77EC70-135B-40AF-A66A-87808420F586">
|
<Component Id="INSTALL" DiskId="1" Guid="BCC0CA30-22B6-4D32-90EF-0E4BD688865F">
|
||||||
<File Id="ID_RANGE" Name="Id-range" Source="release\owasp_crs\Id-range" />
|
|
||||||
</Component>
|
|
||||||
<Component Id="INSTALL" DiskId="1" Guid="F965FA9A-6144-40C0-B3BE-20D9D87E11B4">
|
|
||||||
<File Id="INSTALL" Name="INSTALL" Source="release\owasp_crs\INSTALL" />
|
<File Id="INSTALL" Name="INSTALL" Source="release\owasp_crs\INSTALL" />
|
||||||
</Component>
|
</Component>
|
||||||
<Component Id="LICENSE" DiskId="1" Guid="13C4B4B3-46B0-4015-A4D9-6FE370444523">
|
<Component Id="LICENSE" DiskId="1" Guid="32DBDBCC-B2AC-4FA4-82AB-BFD7F9F2F089">
|
||||||
<File Id="LICENSE" Name="LICENSE" Source="release\owasp_crs\LICENSE" />
|
<File Id="LICENSE" Name="LICENSE" Source="release\owasp_crs\LICENSE" />
|
||||||
</Component>
|
</Component>
|
||||||
<Component Id="MODSECURITY.CONF" DiskId="1" Guid="5CA12EB6-21A6-4580-8DBA-A57A521BBD64">
|
<Component Id="MODSECURITY_CRS_10_SETUP.CONF.EXAMPLE" DiskId="1" Guid="6A87F473-6E1F-4F85-9A03-CC4F6CB7F826">
|
||||||
<File Id="MODSECURITY.CONF" Name="modsecurity.conf" Source="release\owasp_crs\modsecurity.conf" />
|
|
||||||
</Component>
|
|
||||||
<Component Id="MODSECURITY_CRS_10_SETUP.CONF" DiskId="1" Guid="4133A28A-4613-4650-8315-750B9D0CC27F">
|
|
||||||
<File Id="MODSECURITY_CRS_10_SETUP.CONF" Name="modsecurity_crs_10_setup.conf" Source="release\owasp_crs\modsecurity_crs_10_setup.conf" />
|
|
||||||
</Component>
|
|
||||||
<Component Id="MODSECURITY_CRS_10_SETUP.CONF.EXAMPLE" DiskId="1" Guid="DAE6702A-CCFE-4777-B652-9F89FC211D66">
|
|
||||||
<File Id="MODSECURITY_CRS_10_SETUP.CONF.EXAMPLE" Name="modsecurity_crs_10_setup.conf.example" Source="release\owasp_crs\modsecurity_crs_10_setup.conf.example" />
|
<File Id="MODSECURITY_CRS_10_SETUP.CONF.EXAMPLE" Name="modsecurity_crs_10_setup.conf.example" Source="release\owasp_crs\modsecurity_crs_10_setup.conf.example" />
|
||||||
</Component>
|
</Component>
|
||||||
<Component Id="MODSECURITY_IIS.CONF" DiskId="1" Guid="C647345E-C4DF-497E-AD79-69B06685E054">
|
<Component Id="README.MD" DiskId="1" Guid="BED770B8-BEC9-4326-AF04-7B75E319B899">
|
||||||
<File Id="MODSECURITY_IIS.CONF" Name="modsecurity_iis.conf" Source="release\owasp_crs\modsecurity_iis.conf" />
|
|
||||||
</Component>
|
|
||||||
<Component Id="README.MD" DiskId="1" Guid="3D670109-912F-4C74-A842-1A4A49A9286A">
|
|
||||||
<File Id="README.MD" Name="README.md" Source="release\owasp_crs\README.md" />
|
<File Id="README.MD" Name="README.md" Source="release\owasp_crs\README.md" />
|
||||||
</Component>
|
</Component>
|
||||||
<Directory Id="ACTIVATED_RULES" Name="activated_rules">
|
<Directory Id="ACTIVATED_RULES" Name="activated_rules">
|
||||||
<Component Id="MODSECURITY_35_BAD_ROBOTS.DATA" DiskId="1" Guid="F566B261-0BA3-4EB9-9697-0EA44F04469A">
|
<Component Id="README" DiskId="1" Guid="F06FC044-52E6-412E-80E6-6644486A522B">
|
||||||
<File Id="MODSECURITY_35_BAD_ROBOTS.DATA" Name="modsecurity_35_bad_robots.data" Source="release\owasp_crs\activated_rules\modsecurity_35_bad_robots.data" />
|
|
||||||
</Component>
|
|
||||||
<Component Id="MODSECURITY_35_SCANNERS.DATA" DiskId="1" Guid="5DEE7661-B99E-4A3D-A159-9F407D1DF3FF">
|
|
||||||
<File Id="MODSECURITY_35_SCANNERS.DATA" Name="modsecurity_35_scanners.data" Source="release\owasp_crs\activated_rules\modsecurity_35_scanners.data" />
|
|
||||||
</Component>
|
|
||||||
<Component Id="MODSECURITY_40_GENERIC_ATTACKS.DATA" DiskId="1" Guid="B969400F-37D5-48E1-9251-125115D97D60">
|
|
||||||
<File Id="MODSECURITY_40_GENERIC_ATTACKS.DATA" Name="modsecurity_40_generic_attacks.data" Source="release\owasp_crs\activated_rules\modsecurity_40_generic_attacks.data" />
|
|
||||||
</Component>
|
|
||||||
<Component Id="MODSECURITY_41_SQL_INJECTION_ATTACKS.DATA" DiskId="1" Guid="6E66AE3E-D24E-4DBF-9A0B-8FFC89D8C084">
|
|
||||||
<File Id="MODSECURITY_41_SQL_INJECTION_ATTACKS.DATA" Name="modsecurity_41_sql_injection_attacks.data" Source="release\owasp_crs\activated_rules\modsecurity_41_sql_injection_attacks.data" />
|
|
||||||
</Component>
|
|
||||||
<Component Id="MODSECURITY_CRS_23_REQUEST_LIMITS.CONF" DiskId="1" Guid="6B29A6E4-65E5-45DF-9AC3-B858A033A413">
|
|
||||||
<File Id="MODSECURITY_CRS_23_REQUEST_LIMITS.CONF" Name="modsecurity_crs_23_request_limits.conf" Source="release\owasp_crs\activated_rules\modsecurity_crs_23_request_limits.conf" />
|
|
||||||
</Component>
|
|
||||||
<Component Id="MODSECURITY_CRS_30_HTTP_POLICY.CONF" DiskId="1" Guid="6EBED74E-076E-4A79-9E7F-57E7C2ADD534">
|
|
||||||
<File Id="MODSECURITY_CRS_30_HTTP_POLICY.CONF" Name="modsecurity_crs_30_http_policy.conf" Source="release\owasp_crs\activated_rules\modsecurity_crs_30_http_policy.conf" />
|
|
||||||
</Component>
|
|
||||||
<Component Id="MODSECURITY_CRS_35_BAD_ROBOTS.CONF" DiskId="1" Guid="3B9273B8-2D9C-4395-80FA-8DF2A4AAA0CC">
|
|
||||||
<File Id="MODSECURITY_CRS_35_BAD_ROBOTS.CONF" Name="modsecurity_crs_35_bad_robots.conf" Source="release\owasp_crs\activated_rules\modsecurity_crs_35_bad_robots.conf" />
|
|
||||||
</Component>
|
|
||||||
<Component Id="MODSECURITY_CRS_40_GENERIC_ATTACKS.CONF" DiskId="1" Guid="902220F2-F08A-4A48-B99A-469BF18DD4B2">
|
|
||||||
<File Id="MODSECURITY_CRS_40_GENERIC_ATTACKS.CONF" Name="modsecurity_crs_40_generic_attacks.conf" Source="release\owasp_crs\activated_rules\modsecurity_crs_40_generic_attacks.conf" />
|
|
||||||
</Component>
|
|
||||||
<Component Id="MODSECURITY_CRS_41_SQL_INJECTION_ATTACKS.CONF" DiskId="1" Guid="E521F8DB-30DD-40AA-8D0D-EB26B6CE69B9">
|
|
||||||
<File Id="MODSECURITY_CRS_41_SQL_INJECTION_ATTACKS.CONF" Name="modsecurity_crs_41_sql_injection_attacks.conf" Source="release\owasp_crs\activated_rules\modsecurity_crs_41_sql_injection_attacks.conf" />
|
|
||||||
</Component>
|
|
||||||
<Component Id="MODSECURITY_CRS_41_XSS_ATTACKS.CONF" DiskId="1" Guid="B2676170-A120-42FD-B0B4-436C5CAB4B53">
|
|
||||||
<File Id="MODSECURITY_CRS_41_XSS_ATTACKS.CONF" Name="modsecurity_crs_41_xss_attacks.conf" Source="release\owasp_crs\activated_rules\modsecurity_crs_41_xss_attacks.conf" />
|
|
||||||
</Component>
|
|
||||||
<Component Id="MODSECURITY_CRS_42_TIGHT_SECURITY.CONF" DiskId="1" Guid="B6CFADF2-6177-46C3-AD42-07DAB63341D7">
|
|
||||||
<File Id="MODSECURITY_CRS_42_TIGHT_SECURITY.CONF" Name="modsecurity_crs_42_tight_security.conf" Source="release\owasp_crs\activated_rules\modsecurity_crs_42_tight_security.conf" />
|
|
||||||
</Component>
|
|
||||||
<Component Id="MODSECURITY_CRS_45_TROJANS.CONF" DiskId="1" Guid="B24955E7-B6AD-4590-88AB-EEF09D962397">
|
|
||||||
<File Id="MODSECURITY_CRS_45_TROJANS.CONF" Name="modsecurity_crs_45_trojans.conf" Source="release\owasp_crs\activated_rules\modsecurity_crs_45_trojans.conf" />
|
|
||||||
</Component>
|
|
||||||
<Component Id="MODSECURITY_CRS_47_COMMON_EXCEPTIONS.CONF" DiskId="1" Guid="2AA4B019-63C4-4A30-A629-B444C60B464E">
|
|
||||||
<File Id="MODSECURITY_CRS_47_COMMON_EXCEPTIONS.CONF" Name="modsecurity_crs_47_common_exceptions.conf" Source="release\owasp_crs\activated_rules\modsecurity_crs_47_common_exceptions.conf" />
|
|
||||||
</Component>
|
|
||||||
<Component Id="README" DiskId="1" Guid="C9EB0581-0DBD-4D67-864E-1F0AEC12AEC8">
|
|
||||||
<File Id="README" Name="README" Source="release\owasp_crs\activated_rules\README" />
|
<File Id="README" Name="README" Source="release\owasp_crs\activated_rules\README" />
|
||||||
</Component>
|
</Component>
|
||||||
</Directory>
|
</Directory>
|
||||||
<Directory Id="BASE_RULES" Name="base_rules">
|
<Directory Id="BASE_RULES" Name="base_rules">
|
||||||
<Component Id="MODSECURITY_35_BAD_ROBOTS.DATA_1" DiskId="1" Guid="8A730F19-96CA-418E-96EF-89A74AE09A98">
|
<Component Id="MODSECURITY_35_BAD_ROBOTS.DATA" DiskId="1" Guid="66EB7DE9-E12D-4360-B096-75CAB0498E88">
|
||||||
<File Id="MODSECURITY_35_BAD_ROBOTS.DATA_1" Name="modsecurity_35_bad_robots.data" Source="release\owasp_crs\base_rules\modsecurity_35_bad_robots.data" />
|
<File Id="MODSECURITY_35_BAD_ROBOTS.DATA" Name="modsecurity_35_bad_robots.data" Source="release\owasp_crs\base_rules\modsecurity_35_bad_robots.data" />
|
||||||
</Component>
|
</Component>
|
||||||
<Component Id="MODSECURITY_35_SCANNERS.DATA_1" DiskId="1" Guid="84833D91-F31F-49F6-B2DC-32E07AF17E18">
|
<Component Id="MODSECURITY_35_SCANNERS.DATA" DiskId="1" Guid="CA206BA2-F54C-41A9-8B13-EA07C0A2CA89">
|
||||||
<File Id="MODSECURITY_35_SCANNERS.DATA_1" Name="modsecurity_35_scanners.data" Source="release\owasp_crs\base_rules\modsecurity_35_scanners.data" />
|
<File Id="MODSECURITY_35_SCANNERS.DATA" Name="modsecurity_35_scanners.data" Source="release\owasp_crs\base_rules\modsecurity_35_scanners.data" />
|
||||||
</Component>
|
</Component>
|
||||||
<Component Id="MODSECURITY_40_GENERIC_ATTACKS.DATA_1" DiskId="1" Guid="95FB2FC2-B934-4797-B121-2F7DDD7A36B6">
|
<Component Id="MODSECURITY_40_GENERIC_ATTACKS.DATA" DiskId="1" Guid="23BBF95B-D4B7-4ECA-AB52-B563DD112027">
|
||||||
<File Id="MODSECURITY_40_GENERIC_ATTACKS.DATA_1" Name="modsecurity_40_generic_attacks.data" Source="release\owasp_crs\base_rules\modsecurity_40_generic_attacks.data" />
|
<File Id="MODSECURITY_40_GENERIC_ATTACKS.DATA" Name="modsecurity_40_generic_attacks.data" Source="release\owasp_crs\base_rules\modsecurity_40_generic_attacks.data" />
|
||||||
</Component>
|
</Component>
|
||||||
<Component Id="MODSECURITY_41_SQL_INJECTION_ATTACKS.DATA_1" DiskId="1" Guid="9954D93A-055E-49B7-8D2B-9DD478F7C88E">
|
<Component Id="MODSECURITY_50_OUTBOUND.DATA" DiskId="1" Guid="EA0D5FBB-69E5-4A42-A64D-F12F528CE3A6">
|
||||||
<File Id="MODSECURITY_41_SQL_INJECTION_ATTACKS.DATA_1" Name="modsecurity_41_sql_injection_attacks.data" Source="release\owasp_crs\base_rules\modsecurity_41_sql_injection_attacks.data" />
|
|
||||||
</Component>
|
|
||||||
<Component Id="MODSECURITY_50_OUTBOUND.DATA" DiskId="1" Guid="4070DDD1-3A35-43FC-BF4B-4382130869AC">
|
|
||||||
<File Id="MODSECURITY_50_OUTBOUND.DATA" Name="modsecurity_50_outbound.data" Source="release\owasp_crs\base_rules\modsecurity_50_outbound.data" />
|
<File Id="MODSECURITY_50_OUTBOUND.DATA" Name="modsecurity_50_outbound.data" Source="release\owasp_crs\base_rules\modsecurity_50_outbound.data" />
|
||||||
</Component>
|
</Component>
|
||||||
<Component Id="MODSECURITY_50_OUTBOUND_MALWARE.DATA" DiskId="1" Guid="D5550B09-A4DD-46DE-98C3-9CDC9F650442">
|
<Component Id="MODSECURITY_50_OUTBOUND_MALWARE.DATA" DiskId="1" Guid="97BC0C05-6487-4389-A042-D840F12F5C67">
|
||||||
<File Id="MODSECURITY_50_OUTBOUND_MALWARE.DATA" Name="modsecurity_50_outbound_malware.data" Source="release\owasp_crs\base_rules\modsecurity_50_outbound_malware.data" />
|
<File Id="MODSECURITY_50_OUTBOUND_MALWARE.DATA" Name="modsecurity_50_outbound_malware.data" Source="release\owasp_crs\base_rules\modsecurity_50_outbound_malware.data" />
|
||||||
</Component>
|
</Component>
|
||||||
<Component Id="MODSECURITY_CRS_20_PROTOCOL_VIOLATIONS.CONF" DiskId="1" Guid="ADA5C824-C216-42A4-AA57-B9E27A0070E0">
|
<Component Id="MODSECURITY_CRS_20_PROTOCOL_VIOLATIONS.CONF" DiskId="1" Guid="634C707B-27E0-46D2-A24C-1EC60BF94840">
|
||||||
<File Id="MODSECURITY_CRS_20_PROTOCOL_VIOLATIONS.CONF" Name="modsecurity_crs_20_protocol_violations.conf" Source="release\owasp_crs\base_rules\modsecurity_crs_20_protocol_violations.conf" />
|
<File Id="MODSECURITY_CRS_20_PROTOCOL_VIOLATIONS.CONF" Name="modsecurity_crs_20_protocol_violations.conf" Source="release\owasp_crs\base_rules\modsecurity_crs_20_protocol_violations.conf" />
|
||||||
</Component>
|
</Component>
|
||||||
<Component Id="MODSECURITY_CRS_21_PROTOCOL_ANOMALIES.CONF" DiskId="1" Guid="85CE19CB-EEEC-40A6-A7A3-37CEFFB84290">
|
<Component Id="MODSECURITY_CRS_21_PROTOCOL_ANOMALIES.CONF" DiskId="1" Guid="BF6CA903-978F-4FEC-90C6-310C9DB00F9C">
|
||||||
<File Id="MODSECURITY_CRS_21_PROTOCOL_ANOMALIES.CONF" Name="modsecurity_crs_21_protocol_anomalies.conf" Source="release\owasp_crs\base_rules\modsecurity_crs_21_protocol_anomalies.conf" />
|
<File Id="MODSECURITY_CRS_21_PROTOCOL_ANOMALIES.CONF" Name="modsecurity_crs_21_protocol_anomalies.conf" Source="release\owasp_crs\base_rules\modsecurity_crs_21_protocol_anomalies.conf" />
|
||||||
</Component>
|
</Component>
|
||||||
<Component Id="MODSECURITY_CRS_23_REQUEST_LIMITS.CONF_1" DiskId="1" Guid="4713ABA6-2612-4FF1-B3AC-AB9B0385EA5E">
|
<Component Id="MODSECURITY_CRS_23_REQUEST_LIMITS.CONF" DiskId="1" Guid="BB32F9E8-90D0-4C6D-8B81-66E82232260E">
|
||||||
<File Id="MODSECURITY_CRS_23_REQUEST_LIMITS.CONF_1" Name="modsecurity_crs_23_request_limits.conf" Source="release\owasp_crs\base_rules\modsecurity_crs_23_request_limits.conf" />
|
<File Id="MODSECURITY_CRS_23_REQUEST_LIMITS.CONF" Name="modsecurity_crs_23_request_limits.conf" Source="release\owasp_crs\base_rules\modsecurity_crs_23_request_limits.conf" />
|
||||||
</Component>
|
</Component>
|
||||||
<Component Id="MODSECURITY_CRS_30_HTTP_POLICY.CONF_1" DiskId="1" Guid="629D34E3-018C-4CF0-AFE1-5272CF5399C0">
|
<Component Id="MODSECURITY_CRS_30_HTTP_POLICY.CONF" DiskId="1" Guid="B396E825-30CE-47FD-9B8B-C4120C08C573">
|
||||||
<File Id="MODSECURITY_CRS_30_HTTP_POLICY.CONF_1" Name="modsecurity_crs_30_http_policy.conf" Source="release\owasp_crs\base_rules\modsecurity_crs_30_http_policy.conf" />
|
<File Id="MODSECURITY_CRS_30_HTTP_POLICY.CONF" Name="modsecurity_crs_30_http_policy.conf" Source="release\owasp_crs\base_rules\modsecurity_crs_30_http_policy.conf" />
|
||||||
</Component>
|
</Component>
|
||||||
<Component Id="MODSECURITY_CRS_35_BAD_ROBOTS.CONF_1" DiskId="1" Guid="1296320E-F905-4FEA-9775-6545FF1F4F46">
|
<Component Id="MODSECURITY_CRS_35_BAD_ROBOTS.CONF" DiskId="1" Guid="F4443062-8C25-44B6-90F4-07D3AA264119">
|
||||||
<File Id="MODSECURITY_CRS_35_BAD_ROBOTS.CONF_1" Name="modsecurity_crs_35_bad_robots.conf" Source="release\owasp_crs\base_rules\modsecurity_crs_35_bad_robots.conf" />
|
<File Id="MODSECURITY_CRS_35_BAD_ROBOTS.CONF" Name="modsecurity_crs_35_bad_robots.conf" Source="release\owasp_crs\base_rules\modsecurity_crs_35_bad_robots.conf" />
|
||||||
</Component>
|
</Component>
|
||||||
<Component Id="MODSECURITY_CRS_40_GENERIC_ATTACKS.CONF_1" DiskId="1" Guid="22EC4997-D1F3-4CC6-84C7-C8124FCA1838">
|
<Component Id="MODSECURITY_CRS_40_GENERIC_ATTACKS.CONF" DiskId="1" Guid="F9CBEF9D-0623-46FC-9ED1-7CEB6797F632">
|
||||||
<File Id="MODSECURITY_CRS_40_GENERIC_ATTACKS.CONF_1" Name="modsecurity_crs_40_generic_attacks.conf" Source="release\owasp_crs\base_rules\modsecurity_crs_40_generic_attacks.conf" />
|
<File Id="MODSECURITY_CRS_40_GENERIC_ATTACKS.CONF" Name="modsecurity_crs_40_generic_attacks.conf" Source="release\owasp_crs\base_rules\modsecurity_crs_40_generic_attacks.conf" />
|
||||||
</Component>
|
</Component>
|
||||||
<Component Id="MODSECURITY_CRS_41_SQL_INJECTION_ATTACKS.CONF_1" DiskId="1" Guid="53B65B49-6566-4383-B2A3-F1DE2B584EA0">
|
<Component Id="MODSECURITY_CRS_41_SQL_INJECTION_ATTACKS.CONF" DiskId="1" Guid="A3750D66-5EBF-4A4B-A022-BD8A960B25C6">
|
||||||
<File Id="MODSECURITY_CRS_41_SQL_INJECTION_ATTACKS.CONF_1" Name="modsecurity_crs_41_sql_injection_attacks.conf" Source="release\owasp_crs\base_rules\modsecurity_crs_41_sql_injection_attacks.conf" />
|
<File Id="MODSECURITY_CRS_41_SQL_INJECTION_ATTACKS.CONF" Name="modsecurity_crs_41_sql_injection_attacks.conf" Source="release\owasp_crs\base_rules\modsecurity_crs_41_sql_injection_attacks.conf" />
|
||||||
</Component>
|
</Component>
|
||||||
<Component Id="MODSECURITY_CRS_41_XSS_ATTACKS.CONF_1" DiskId="1" Guid="9EFE96F1-73B6-4D1D-8268-9B73FE7C976E">
|
<Component Id="MODSECURITY_CRS_41_XSS_ATTACKS.CONF" DiskId="1" Guid="0B1E8868-FEAD-4957-95F8-BDB9A6883E60">
|
||||||
<File Id="MODSECURITY_CRS_41_XSS_ATTACKS.CONF_1" Name="modsecurity_crs_41_xss_attacks.conf" Source="release\owasp_crs\base_rules\modsecurity_crs_41_xss_attacks.conf" />
|
<File Id="MODSECURITY_CRS_41_XSS_ATTACKS.CONF" Name="modsecurity_crs_41_xss_attacks.conf" Source="release\owasp_crs\base_rules\modsecurity_crs_41_xss_attacks.conf" />
|
||||||
</Component>
|
</Component>
|
||||||
<Component Id="MODSECURITY_CRS_42_TIGHT_SECURITY.CONF_1" DiskId="1" Guid="DCA68043-EAC7-46ED-86EA-3B0D7A988BC7">
|
<Component Id="MODSECURITY_CRS_42_TIGHT_SECURITY.CONF" DiskId="1" Guid="2B0AB195-55A3-4518-8CAE-DB6327AE13C9">
|
||||||
<File Id="MODSECURITY_CRS_42_TIGHT_SECURITY.CONF_1" Name="modsecurity_crs_42_tight_security.conf" Source="release\owasp_crs\base_rules\modsecurity_crs_42_tight_security.conf" />
|
<File Id="MODSECURITY_CRS_42_TIGHT_SECURITY.CONF" Name="modsecurity_crs_42_tight_security.conf" Source="release\owasp_crs\base_rules\modsecurity_crs_42_tight_security.conf" />
|
||||||
</Component>
|
</Component>
|
||||||
<Component Id="MODSECURITY_CRS_45_TROJANS.CONF_1" DiskId="1" Guid="1F9A363D-A5D6-4328-95D9-DA9B9222029C">
|
<Component Id="MODSECURITY_CRS_45_TROJANS.CONF" DiskId="1" Guid="E365E9B9-00A2-49EE-88BC-62C4F3FF4B6E">
|
||||||
<File Id="MODSECURITY_CRS_45_TROJANS.CONF_1" Name="modsecurity_crs_45_trojans.conf" Source="release\owasp_crs\base_rules\modsecurity_crs_45_trojans.conf" />
|
<File Id="MODSECURITY_CRS_45_TROJANS.CONF" Name="modsecurity_crs_45_trojans.conf" Source="release\owasp_crs\base_rules\modsecurity_crs_45_trojans.conf" />
|
||||||
</Component>
|
</Component>
|
||||||
<Component Id="MODSECURITY_CRS_47_COMMON_EXCEPTIONS.CONF_1" DiskId="1" Guid="1AAED4B1-46B5-4480-AE19-0DC3489CA7EC">
|
<Component Id="MODSECURITY_CRS_47_COMMON_EXCEPTIONS.CONF" DiskId="1" Guid="B0AFBC61-47D6-48F2-9930-B1625207650F">
|
||||||
<File Id="MODSECURITY_CRS_47_COMMON_EXCEPTIONS.CONF_1" Name="modsecurity_crs_47_common_exceptions.conf" Source="release\owasp_crs\base_rules\modsecurity_crs_47_common_exceptions.conf" />
|
<File Id="MODSECURITY_CRS_47_COMMON_EXCEPTIONS.CONF" Name="modsecurity_crs_47_common_exceptions.conf" Source="release\owasp_crs\base_rules\modsecurity_crs_47_common_exceptions.conf" />
|
||||||
</Component>
|
</Component>
|
||||||
<Component Id="MODSECURITY_CRS_48_LOCAL_EXCEPTIONS.CONF.EXAMPLE" DiskId="1" Guid="773A070A-789C-4151-8A80-6D2D32FDDA5E">
|
<Component Id="MODSECURITY_CRS_48_LOCAL_EXCEPTIONS.CONF.EXAMPLE" DiskId="1" Guid="0529CA91-785B-4FBA-A22C-DC0CFAAB2AE3">
|
||||||
<File Id="MODSECURITY_CRS_48_LOCAL_EXCEPTIONS.CONF.EXAMPLE" Name="modsecurity_crs_48_local_exceptions.conf.example" Source="release\owasp_crs\base_rules\modsecurity_crs_48_local_exceptions.conf.example" />
|
<File Id="MODSECURITY_CRS_48_LOCAL_EXCEPTIONS.CONF.EXAMPLE" Name="modsecurity_crs_48_local_exceptions.conf.example" Source="release\owasp_crs\base_rules\modsecurity_crs_48_local_exceptions.conf.example" />
|
||||||
</Component>
|
</Component>
|
||||||
<Component Id="MODSECURITY_CRS_49_INBOUND_BLOCKING.CONF" DiskId="1" Guid="E3E0286D-95BD-496F-B42F-31F35A29DD61">
|
<Component Id="MODSECURITY_CRS_49_INBOUND_BLOCKING.CONF" DiskId="1" Guid="8708633A-3D28-4F93-AE12-27F3E7494D2C">
|
||||||
<File Id="MODSECURITY_CRS_49_INBOUND_BLOCKING.CONF" Name="modsecurity_crs_49_inbound_blocking.conf" Source="release\owasp_crs\base_rules\modsecurity_crs_49_inbound_blocking.conf" />
|
<File Id="MODSECURITY_CRS_49_INBOUND_BLOCKING.CONF" Name="modsecurity_crs_49_inbound_blocking.conf" Source="release\owasp_crs\base_rules\modsecurity_crs_49_inbound_blocking.conf" />
|
||||||
</Component>
|
</Component>
|
||||||
<Component Id="MODSECURITY_CRS_50_OUTBOUND.CONF" DiskId="1" Guid="A97D5106-2146-431E-AD73-EAC836D24C49">
|
<Component Id="MODSECURITY_CRS_50_OUTBOUND.CONF" DiskId="1" Guid="A59F553E-0AB8-46C8-B3AE-D4356C2331B0">
|
||||||
<File Id="MODSECURITY_CRS_50_OUTBOUND.CONF" Name="modsecurity_crs_50_outbound.conf" Source="release\owasp_crs\base_rules\modsecurity_crs_50_outbound.conf" />
|
<File Id="MODSECURITY_CRS_50_OUTBOUND.CONF" Name="modsecurity_crs_50_outbound.conf" Source="release\owasp_crs\base_rules\modsecurity_crs_50_outbound.conf" />
|
||||||
</Component>
|
</Component>
|
||||||
<Component Id="MODSECURITY_CRS_59_OUTBOUND_BLOCKING.CONF" DiskId="1" Guid="1B4170D3-C50E-48DA-AC95-C89997EB67B0">
|
<Component Id="MODSECURITY_CRS_59_OUTBOUND_BLOCKING.CONF" DiskId="1" Guid="14D6B456-B9E6-4F4E-996B-2306FA72F1B4">
|
||||||
<File Id="MODSECURITY_CRS_59_OUTBOUND_BLOCKING.CONF" Name="modsecurity_crs_59_outbound_blocking.conf" Source="release\owasp_crs\base_rules\modsecurity_crs_59_outbound_blocking.conf" />
|
<File Id="MODSECURITY_CRS_59_OUTBOUND_BLOCKING.CONF" Name="modsecurity_crs_59_outbound_blocking.conf" Source="release\owasp_crs\base_rules\modsecurity_crs_59_outbound_blocking.conf" />
|
||||||
</Component>
|
</Component>
|
||||||
<Component Id="MODSECURITY_CRS_60_CORRELATION.CONF" DiskId="1" Guid="7B92EC2E-461D-42C1-9864-00E68154992A">
|
<Component Id="MODSECURITY_CRS_60_CORRELATION.CONF" DiskId="1" Guid="F5A97EA0-80CC-4ECD-AA3A-822780B0064A">
|
||||||
<File Id="MODSECURITY_CRS_60_CORRELATION.CONF" Name="modsecurity_crs_60_correlation.conf" Source="release\owasp_crs\base_rules\modsecurity_crs_60_correlation.conf" />
|
<File Id="MODSECURITY_CRS_60_CORRELATION.CONF" Name="modsecurity_crs_60_correlation.conf" Source="release\owasp_crs\base_rules\modsecurity_crs_60_correlation.conf" />
|
||||||
</Component>
|
</Component>
|
||||||
</Directory>
|
</Directory>
|
||||||
<Directory Id="EXPERIMENTAL_RULES" Name="experimental_rules">
|
<Directory Id="EXPERIMENTAL_RULES" Name="experimental_rules">
|
||||||
<Component Id="MODSECURITY_CRS_11_BRUTE_FORCE.CONF" DiskId="1" Guid="89657932-1AA6-447E-ABD7-1B733633F433">
|
<Component Id="MODSECURITY_CRS_11_BRUTE_FORCE.CONF" DiskId="1" Guid="B2504C95-7338-49CA-9786-ACEF671ABB93">
|
||||||
<File Id="MODSECURITY_CRS_11_BRUTE_FORCE.CONF" Name="modsecurity_crs_11_brute_force.conf" Source="release\owasp_crs\experimental_rules\modsecurity_crs_11_brute_force.conf" />
|
<File Id="MODSECURITY_CRS_11_BRUTE_FORCE.CONF" Name="modsecurity_crs_11_brute_force.conf" Source="release\owasp_crs\experimental_rules\modsecurity_crs_11_brute_force.conf" />
|
||||||
</Component>
|
</Component>
|
||||||
<Component Id="MODSECURITY_CRS_11_DOS_PROTECTION.CONF" DiskId="1" Guid="A73B3A4C-66A7-470E-864E-B0629E2BEC3B">
|
<Component Id="MODSECURITY_CRS_11_DOS_PROTECTION.CONF" DiskId="1" Guid="B4B6224A-47DD-46B0-93FE-8BF2AA657525">
|
||||||
<File Id="MODSECURITY_CRS_11_DOS_PROTECTION.CONF" Name="modsecurity_crs_11_dos_protection.conf" Source="release\owasp_crs\experimental_rules\modsecurity_crs_11_dos_protection.conf" />
|
<File Id="MODSECURITY_CRS_11_DOS_PROTECTION.CONF" Name="modsecurity_crs_11_dos_protection.conf" Source="release\owasp_crs\experimental_rules\modsecurity_crs_11_dos_protection.conf" />
|
||||||
</Component>
|
</Component>
|
||||||
<Component Id="MODSECURITY_CRS_11_PROXY_ABUSE.CONF" DiskId="1" Guid="FC2599AC-85AB-4A11-B1D0-C636650A2E57">
|
<Component Id="MODSECURITY_CRS_11_PROXY_ABUSE.CONF" DiskId="1" Guid="EFE8B978-7E08-4CC9-B54B-6E54FA40AFED">
|
||||||
<File Id="MODSECURITY_CRS_11_PROXY_ABUSE.CONF" Name="modsecurity_crs_11_proxy_abuse.conf" Source="release\owasp_crs\experimental_rules\modsecurity_crs_11_proxy_abuse.conf" />
|
<File Id="MODSECURITY_CRS_11_PROXY_ABUSE.CONF" Name="modsecurity_crs_11_proxy_abuse.conf" Source="release\owasp_crs\experimental_rules\modsecurity_crs_11_proxy_abuse.conf" />
|
||||||
</Component>
|
</Component>
|
||||||
<Component Id="MODSECURITY_CRS_11_SLOW_DOS_PROTECTION.CONF" DiskId="1" Guid="A7A0E9BA-0975-4666-94A6-848837524B3A">
|
<Component Id="MODSECURITY_CRS_11_SLOW_DOS_PROTECTION.CONF" DiskId="1" Guid="78C29C01-40D3-48D2-9ECA-FFF309AF5096">
|
||||||
<File Id="MODSECURITY_CRS_11_SLOW_DOS_PROTECTION.CONF" Name="modsecurity_crs_11_slow_dos_protection.conf" Source="release\owasp_crs\experimental_rules\modsecurity_crs_11_slow_dos_protection.conf" />
|
<File Id="MODSECURITY_CRS_11_SLOW_DOS_PROTECTION.CONF" Name="modsecurity_crs_11_slow_dos_protection.conf" Source="release\owasp_crs\experimental_rules\modsecurity_crs_11_slow_dos_protection.conf" />
|
||||||
</Component>
|
</Component>
|
||||||
<Component Id="MODSECURITY_CRS_16_SCANNER_INTEGRATION.CONF" DiskId="1" Guid="59805AEF-3BFB-41FE-AB10-D60E4B17AE5D">
|
<Component Id="MODSECURITY_CRS_16_SCANNER_INTEGRATION.CONF" DiskId="1" Guid="F8B8A64D-0F7F-49A9-AE9C-38E323659BE1">
|
||||||
<File Id="MODSECURITY_CRS_16_SCANNER_INTEGRATION.CONF" Name="modsecurity_crs_16_scanner_integration.conf" Source="release\owasp_crs\experimental_rules\modsecurity_crs_16_scanner_integration.conf" />
|
<File Id="MODSECURITY_CRS_16_SCANNER_INTEGRATION.CONF" Name="modsecurity_crs_16_scanner_integration.conf" Source="release\owasp_crs\experimental_rules\modsecurity_crs_16_scanner_integration.conf" />
|
||||||
</Component>
|
</Component>
|
||||||
<Component Id="MODSECURITY_CRS_25_CC_TRACK_PAN.CONF" DiskId="1" Guid="0700A54C-EE17-4D9A-9F1F-AC0604FE7F24">
|
<Component Id="MODSECURITY_CRS_25_CC_TRACK_PAN.CONF" DiskId="1" Guid="6C435FB6-4293-4297-9B59-72AA8F4664EC">
|
||||||
<File Id="MODSECURITY_CRS_25_CC_TRACK_PAN.CONF" Name="modsecurity_crs_25_cc_track_pan.conf" Source="release\owasp_crs\experimental_rules\modsecurity_crs_25_cc_track_pan.conf" />
|
<File Id="MODSECURITY_CRS_25_CC_TRACK_PAN.CONF" Name="modsecurity_crs_25_cc_track_pan.conf" Source="release\owasp_crs\experimental_rules\modsecurity_crs_25_cc_track_pan.conf" />
|
||||||
</Component>
|
</Component>
|
||||||
<Component Id="MODSECURITY_CRS_40_APPSENSOR_DETECTION_POINT_2.0_SETUP.CONF" DiskId="1" Guid="32BD99E4-5747-4E42-95CE-41256254B00D">
|
<Component Id="MODSECURITY_CRS_40_APPSENSOR_DETECTION_POINT_2.0_SETUP.CONF" DiskId="1" Guid="3627E92F-ADF1-45E0-B249-E2DCC9587B50">
|
||||||
<File Id="MODSECURITY_CRS_40_APPSENSOR_DETECTION_POINT_2.0_SETUP.CONF" Name="modsecurity_crs_40_appsensor_detection_point_2.0_setup.conf" Source="release\owasp_crs\experimental_rules\modsecurity_crs_40_appsensor_detection_point_2.0_setup.conf" />
|
<File Id="MODSECURITY_CRS_40_APPSENSOR_DETECTION_POINT_2.0_SETUP.CONF" Name="modsecurity_crs_40_appsensor_detection_point_2.0_setup.conf" Source="release\owasp_crs\experimental_rules\modsecurity_crs_40_appsensor_detection_point_2.0_setup.conf" />
|
||||||
</Component>
|
</Component>
|
||||||
<Component Id="MODSECURITY_CRS_40_APPSENSOR_DETECTION_POINT_2.1_REQUEST_EXCEPTION.CONF" DiskId="1" Guid="EB316E25-74CB-4CF6-94CA-DD438CDEC952">
|
<Component Id="MODSECURITY_CRS_40_APPSENSOR_DETECTION_POINT_2.1_REQUEST_EXCEPTION.CONF" DiskId="1" Guid="F1A4BE30-699E-4892-B506-EB3FC9379C57">
|
||||||
<File Id="MODSECURITY_CRS_40_APPSENSOR_DETECTION_POINT_2.1_REQUEST_EXCEPTION.CONF" Name="modsecurity_crs_40_appsensor_detection_point_2.1_request_exception.conf" Source="release\owasp_crs\experimental_rules\modsecurity_crs_40_appsensor_detection_point_2.1_request_exception.conf" />
|
<File Id="MODSECURITY_CRS_40_APPSENSOR_DETECTION_POINT_2.1_REQUEST_EXCEPTION.CONF" Name="modsecurity_crs_40_appsensor_detection_point_2.1_request_exception.conf" Source="release\owasp_crs\experimental_rules\modsecurity_crs_40_appsensor_detection_point_2.1_request_exception.conf" />
|
||||||
</Component>
|
</Component>
|
||||||
<Component Id="MODSECURITY_CRS_40_APPSENSOR_DETECTION_POINT_2.9_HONEYTRAP.CONF" DiskId="1" Guid="DF4608F6-9601-4C92-9DED-5B5A3F14D9E5">
|
<Component Id="MODSECURITY_CRS_40_APPSENSOR_DETECTION_POINT_2.9_HONEYTRAP.CONF" DiskId="1" Guid="256EB87C-BAF5-4155-8392-5B0C8803882A">
|
||||||
<File Id="MODSECURITY_CRS_40_APPSENSOR_DETECTION_POINT_2.9_HONEYTRAP.CONF" Name="modsecurity_crs_40_appsensor_detection_point_2.9_honeytrap.conf" Source="release\owasp_crs\experimental_rules\modsecurity_crs_40_appsensor_detection_point_2.9_honeytrap.conf" />
|
<File Id="MODSECURITY_CRS_40_APPSENSOR_DETECTION_POINT_2.9_HONEYTRAP.CONF" Name="modsecurity_crs_40_appsensor_detection_point_2.9_honeytrap.conf" Source="release\owasp_crs\experimental_rules\modsecurity_crs_40_appsensor_detection_point_2.9_honeytrap.conf" />
|
||||||
</Component>
|
</Component>
|
||||||
<Component Id="MODSECURITY_CRS_40_APPSENSOR_DETECTION_POINT_3.0_END.CONF" DiskId="1" Guid="15ABC9A2-D94D-47C2-A4DE-0B9625609886">
|
<Component Id="MODSECURITY_CRS_40_APPSENSOR_DETECTION_POINT_3.0_END.CONF" DiskId="1" Guid="5B4D9A6B-F54B-4875-A64B-B4A2F74B1298">
|
||||||
<File Id="MODSECURITY_CRS_40_APPSENSOR_DETECTION_POINT_3.0_END.CONF" Name="modsecurity_crs_40_appsensor_detection_point_3.0_end.conf" Source="release\owasp_crs\experimental_rules\modsecurity_crs_40_appsensor_detection_point_3.0_end.conf" />
|
<File Id="MODSECURITY_CRS_40_APPSENSOR_DETECTION_POINT_3.0_END.CONF" Name="modsecurity_crs_40_appsensor_detection_point_3.0_end.conf" Source="release\owasp_crs\experimental_rules\modsecurity_crs_40_appsensor_detection_point_3.0_end.conf" />
|
||||||
</Component>
|
</Component>
|
||||||
<Component Id="MODSECURITY_CRS_40_HTTP_PARAMETER_POLLUTION.CONF" DiskId="1" Guid="D29DEC30-BEAC-41EE-9F98-B462499EDA7C">
|
<Component Id="MODSECURITY_CRS_40_HTTP_PARAMETER_POLLUTION.CONF" DiskId="1" Guid="31C832E0-3E79-4F14-89BA-AFD1072F9A6D">
|
||||||
<File Id="MODSECURITY_CRS_40_HTTP_PARAMETER_POLLUTION.CONF" Name="modsecurity_crs_40_http_parameter_pollution.conf" Source="release\owasp_crs\experimental_rules\modsecurity_crs_40_http_parameter_pollution.conf" />
|
<File Id="MODSECURITY_CRS_40_HTTP_PARAMETER_POLLUTION.CONF" Name="modsecurity_crs_40_http_parameter_pollution.conf" Source="release\owasp_crs\experimental_rules\modsecurity_crs_40_http_parameter_pollution.conf" />
|
||||||
</Component>
|
</Component>
|
||||||
<Component Id="MODSECURITY_CRS_41_ADVANCED_FILTERS.CONF" DiskId="1" Guid="DF95F56D-D7E7-4CAC-8402-752BB981E82F">
|
<Component Id="MODSECURITY_CRS_42_CSP_ENFORCEMENT.CONF" DiskId="1" Guid="9D853A58-A5A4-4EBD-990B-152AB4350326">
|
||||||
<File Id="MODSECURITY_CRS_41_ADVANCED_FILTERS.CONF" Name="modsecurity_crs_41_advanced_filters.conf" Source="release\owasp_crs\experimental_rules\modsecurity_crs_41_advanced_filters.conf" />
|
|
||||||
</Component>
|
|
||||||
<Component Id="MODSECURITY_CRS_42_CSP_ENFORCEMENT.CONF" DiskId="1" Guid="4A4A4ED8-6B76-45DF-861D-4092BC1E1485">
|
|
||||||
<File Id="MODSECURITY_CRS_42_CSP_ENFORCEMENT.CONF" Name="modsecurity_crs_42_csp_enforcement.conf" Source="release\owasp_crs\experimental_rules\modsecurity_crs_42_csp_enforcement.conf" />
|
<File Id="MODSECURITY_CRS_42_CSP_ENFORCEMENT.CONF" Name="modsecurity_crs_42_csp_enforcement.conf" Source="release\owasp_crs\experimental_rules\modsecurity_crs_42_csp_enforcement.conf" />
|
||||||
</Component>
|
</Component>
|
||||||
<Component Id="MODSECURITY_CRS_45_CHAR_ANOMALY.CONF" DiskId="1" Guid="AD211172-DA86-40F8-9DF8-BF220615E4AB">
|
<Component Id="MODSECURITY_CRS_46_SCANNER_INTEGRATION.CONF" DiskId="1" Guid="01D4EBBD-F7DE-444D-89B4-848BC30B1233">
|
||||||
<File Id="MODSECURITY_CRS_45_CHAR_ANOMALY.CONF" Name="modsecurity_crs_45_char_anomaly.conf" Source="release\owasp_crs\experimental_rules\modsecurity_crs_45_char_anomaly.conf" />
|
|
||||||
</Component>
|
|
||||||
<Component Id="MODSECURITY_CRS_46_SCANNER_INTEGRATION.CONF" DiskId="1" Guid="7BC0D7A1-AEC4-4A36-89BC-2E91DFB34D16">
|
|
||||||
<File Id="MODSECURITY_CRS_46_SCANNER_INTEGRATION.CONF" Name="modsecurity_crs_46_scanner_integration.conf" Source="release\owasp_crs\experimental_rules\modsecurity_crs_46_scanner_integration.conf" />
|
<File Id="MODSECURITY_CRS_46_SCANNER_INTEGRATION.CONF" Name="modsecurity_crs_46_scanner_integration.conf" Source="release\owasp_crs\experimental_rules\modsecurity_crs_46_scanner_integration.conf" />
|
||||||
</Component>
|
</Component>
|
||||||
<Component Id="MODSECURITY_CRS_48_BAYES_ANALYSIS.CONF" DiskId="1" Guid="0DC09940-F7D0-4ED7-A905-6DA694201B51">
|
<Component Id="MODSECURITY_CRS_48_BAYES_ANALYSIS.CONF" DiskId="1" Guid="6DD49981-2CAA-4AD9-943D-60E6C71E0CE1">
|
||||||
<File Id="MODSECURITY_CRS_48_BAYES_ANALYSIS.CONF" Name="modsecurity_crs_48_bayes_analysis.conf" Source="release\owasp_crs\experimental_rules\modsecurity_crs_48_bayes_analysis.conf" />
|
<File Id="MODSECURITY_CRS_48_BAYES_ANALYSIS.CONF" Name="modsecurity_crs_48_bayes_analysis.conf" Source="release\owasp_crs\experimental_rules\modsecurity_crs_48_bayes_analysis.conf" />
|
||||||
</Component>
|
</Component>
|
||||||
<Component Id="MODSECURITY_CRS_55_RESPONSE_PROFILING.CONF" DiskId="1" Guid="EFE74295-C5CD-45BF-8F4B-2C757EDB3908">
|
<Component Id="MODSECURITY_CRS_55_RESPONSE_PROFILING.CONF" DiskId="1" Guid="3FF3801E-C915-4C87-9741-48449ADBBB28">
|
||||||
<File Id="MODSECURITY_CRS_55_RESPONSE_PROFILING.CONF" Name="modsecurity_crs_55_response_profiling.conf" Source="release\owasp_crs\experimental_rules\modsecurity_crs_55_response_profiling.conf" />
|
<File Id="MODSECURITY_CRS_55_RESPONSE_PROFILING.CONF" Name="modsecurity_crs_55_response_profiling.conf" Source="release\owasp_crs\experimental_rules\modsecurity_crs_55_response_profiling.conf" />
|
||||||
</Component>
|
</Component>
|
||||||
<Component Id="MODSECURITY_CRS_56_PVI_CHECKS.CONF" DiskId="1" Guid="86B3A2D4-9392-45B1-82CF-C1B9EAD4274C">
|
<Component Id="MODSECURITY_CRS_56_PVI_CHECKS.CONF" DiskId="1" Guid="184CE6CF-9999-4D28-A70E-6762B96181FD">
|
||||||
<File Id="MODSECURITY_CRS_56_PVI_CHECKS.CONF" Name="modsecurity_crs_56_pvi_checks.conf" Source="release\owasp_crs\experimental_rules\modsecurity_crs_56_pvi_checks.conf" />
|
<File Id="MODSECURITY_CRS_56_PVI_CHECKS.CONF" Name="modsecurity_crs_56_pvi_checks.conf" Source="release\owasp_crs\experimental_rules\modsecurity_crs_56_pvi_checks.conf" />
|
||||||
</Component>
|
</Component>
|
||||||
<Component Id="MODSECURITY_CRS_61_IP_FORENSICS.CONF" DiskId="1" Guid="CC6C1A25-10E3-4F32-8A1C-DCBBF5897076">
|
<Component Id="MODSECURITY_CRS_61_IP_FORENSICS.CONF" DiskId="1" Guid="F7AF0FFB-2346-4159-BC72-19FE52487231">
|
||||||
<File Id="MODSECURITY_CRS_61_IP_FORENSICS.CONF" Name="modsecurity_crs_61_ip_forensics.conf" Source="release\owasp_crs\experimental_rules\modsecurity_crs_61_ip_forensics.conf" />
|
<File Id="MODSECURITY_CRS_61_IP_FORENSICS.CONF" Name="modsecurity_crs_61_ip_forensics.conf" Source="release\owasp_crs\experimental_rules\modsecurity_crs_61_ip_forensics.conf" />
|
||||||
</Component>
|
</Component>
|
||||||
</Directory>
|
</Directory>
|
||||||
<Directory Id="LUA" Name="lua">
|
<Directory Id="LUA" Name="lua">
|
||||||
<Component Id="ADVANCED_FILTER_CONVERTER.LUA" DiskId="1" Guid="056263F5-34CA-41EC-B175-A8AF9BC10B7B">
|
<Component Id="ADVANCED_FILTER_CONVERTER.LUA" DiskId="1" Guid="BF9033A5-C9A4-4867-92CA-CDD174CBE420">
|
||||||
<File Id="ADVANCED_FILTER_CONVERTER.LUA" Name="advanced_filter_converter.lua" Source="release\owasp_crs\lua\advanced_filter_converter.lua" />
|
<File Id="ADVANCED_FILTER_CONVERTER.LUA" Name="advanced_filter_converter.lua" Source="release\owasp_crs\lua\advanced_filter_converter.lua" />
|
||||||
</Component>
|
</Component>
|
||||||
<Component Id="APPSENSOR_REQUEST_EXCEPTION_ENFORCE.LUA" DiskId="1" Guid="B548476A-184C-415A-9C77-45FE5CCD0C73">
|
<Component Id="APPSENSOR_REQUEST_EXCEPTION_ENFORCE.LUA" DiskId="1" Guid="108E0164-5221-4834-8004-A54A94DD26F9">
|
||||||
<File Id="APPSENSOR_REQUEST_EXCEPTION_ENFORCE.LUA" Name="appsensor_request_exception_enforce.lua" Source="release\owasp_crs\lua\appsensor_request_exception_enforce.lua" />
|
<File Id="APPSENSOR_REQUEST_EXCEPTION_ENFORCE.LUA" Name="appsensor_request_exception_enforce.lua" Source="release\owasp_crs\lua\appsensor_request_exception_enforce.lua" />
|
||||||
</Component>
|
</Component>
|
||||||
<Component Id="APPSENSOR_REQUEST_EXCEPTION_PROFILE.LUA" DiskId="1" Guid="89107E80-EB1F-4D79-8B11-A8BA9F8096AB">
|
<Component Id="APPSENSOR_REQUEST_EXCEPTION_PROFILE.LUA" DiskId="1" Guid="F7C270EA-2609-4C04-A4C6-0CB247B9C854">
|
||||||
<File Id="APPSENSOR_REQUEST_EXCEPTION_PROFILE.LUA" Name="appsensor_request_exception_profile.lua" Source="release\owasp_crs\lua\appsensor_request_exception_profile.lua" />
|
<File Id="APPSENSOR_REQUEST_EXCEPTION_PROFILE.LUA" Name="appsensor_request_exception_profile.lua" Source="release\owasp_crs\lua\appsensor_request_exception_profile.lua" />
|
||||||
</Component>
|
</Component>
|
||||||
<Component Id="ARACHNI_INTEGRATION.LUA" DiskId="1" Guid="F30A7E15-7635-4992-B921-5BA432921CD2">
|
<Component Id="ARACHNI_INTEGRATION.LUA" DiskId="1" Guid="93653BD0-2E5B-4798-B098-73428806865A">
|
||||||
<File Id="ARACHNI_INTEGRATION.LUA" Name="arachni_integration.lua" Source="release\owasp_crs\lua\arachni_integration.lua" />
|
<File Id="ARACHNI_INTEGRATION.LUA" Name="arachni_integration.lua" Source="release\owasp_crs\lua\arachni_integration.lua" />
|
||||||
</Component>
|
</Component>
|
||||||
<Component Id="BAYES_CHECK_SPAM.LUA" DiskId="1" Guid="2F76FC3A-E52A-488E-947C-43A5D7D5743D">
|
<Component Id="BAYES_CHECK_SPAM.LUA" DiskId="1" Guid="825D79AD-5A1A-416A-B905-AC686E9FC6D8">
|
||||||
<File Id="BAYES_CHECK_SPAM.LUA" Name="bayes_check_spam.lua" Source="release\owasp_crs\lua\bayes_check_spam.lua" />
|
<File Id="BAYES_CHECK_SPAM.LUA" Name="bayes_check_spam.lua" Source="release\owasp_crs\lua\bayes_check_spam.lua" />
|
||||||
</Component>
|
</Component>
|
||||||
<Component Id="BAYES_TRAIN_HAM.LUA" DiskId="1" Guid="463C0F8C-EA94-4A24-9BB6-A3502292E1C4">
|
<Component Id="BAYES_TRAIN_HAM.LUA" DiskId="1" Guid="C61EDAAD-2F43-496D-A2C1-A89B6F3DEC68">
|
||||||
<File Id="BAYES_TRAIN_HAM.LUA" Name="bayes_train_ham.lua" Source="release\owasp_crs\lua\bayes_train_ham.lua" />
|
<File Id="BAYES_TRAIN_HAM.LUA" Name="bayes_train_ham.lua" Source="release\owasp_crs\lua\bayes_train_ham.lua" />
|
||||||
</Component>
|
</Component>
|
||||||
<Component Id="BAYES_TRAIN_SPAM.LUA" DiskId="1" Guid="AFFBC762-563B-476F-BAE1-62E395556B65">
|
<Component Id="BAYES_TRAIN_SPAM.LUA" DiskId="1" Guid="7D1816A3-9705-4146-AC9E-C835C2EA57CB">
|
||||||
<File Id="BAYES_TRAIN_SPAM.LUA" Name="bayes_train_spam.lua" Source="release\owasp_crs\lua\bayes_train_spam.lua" />
|
<File Id="BAYES_TRAIN_SPAM.LUA" Name="bayes_train_spam.lua" Source="release\owasp_crs\lua\bayes_train_spam.lua" />
|
||||||
</Component>
|
</Component>
|
||||||
<Component Id="GATHER_IP_DATA.LUA" DiskId="1" Guid="5D5CE01C-3E3D-4379-BC43-6AB981D10661">
|
<Component Id="GATHER_IP_DATA.LUA" DiskId="1" Guid="F317DF73-6461-4E85-B776-153F86526CDB">
|
||||||
<File Id="GATHER_IP_DATA.LUA" Name="gather_ip_data.lua" Source="release\owasp_crs\lua\gather_ip_data.lua" />
|
<File Id="GATHER_IP_DATA.LUA" Name="gather_ip_data.lua" Source="release\owasp_crs\lua\gather_ip_data.lua" />
|
||||||
</Component>
|
</Component>
|
||||||
<Component Id="OSVDB.LUA" DiskId="1" Guid="65AAD289-DE06-49AF-A587-FBBCCE1FDA2E">
|
<Component Id="OSVDB.LUA" DiskId="1" Guid="AEED3BB6-1132-43D4-BA19-6863AE3E08C3">
|
||||||
<File Id="OSVDB.LUA" Name="osvdb.lua" Source="release\owasp_crs\lua\osvdb.lua" />
|
<File Id="OSVDB.LUA" Name="osvdb.lua" Source="release\owasp_crs\lua\osvdb.lua" />
|
||||||
</Component>
|
</Component>
|
||||||
<Component Id="PROFILE_PAGE_SCRIPTS.LUA" DiskId="1" Guid="1004A702-9644-4770-B965-67AEF28F58A1">
|
<Component Id="PROFILE_PAGE_SCRIPTS.LUA" DiskId="1" Guid="44D1B12B-3F51-4EC3-9DB5-D887F7B941CB">
|
||||||
<File Id="PROFILE_PAGE_SCRIPTS.LUA" Name="profile_page_scripts.lua" Source="release\owasp_crs\lua\profile_page_scripts.lua" />
|
<File Id="PROFILE_PAGE_SCRIPTS.LUA" Name="profile_page_scripts.lua" Source="release\owasp_crs\lua\profile_page_scripts.lua" />
|
||||||
</Component>
|
</Component>
|
||||||
</Directory>
|
</Directory>
|
||||||
<Directory Id="OPTIONAL_RULES" Name="optional_rules">
|
<Directory Id="OPTIONAL_RULES" Name="optional_rules">
|
||||||
<Component Id="MODSECURITY_42_COMMENT_SPAM.DATA" DiskId="1" Guid="33BDACD4-0519-48EB-9136-D1B4DD12A0CD">
|
<Component Id="MODSECURITY_42_COMMENT_SPAM.DATA" DiskId="1" Guid="8744C127-31F0-4C4E-85FB-D86BDEA3627B">
|
||||||
<File Id="MODSECURITY_42_COMMENT_SPAM.DATA" Name="modsecurity_42_comment_spam.data" Source="release\owasp_crs\optional_rules\modsecurity_42_comment_spam.data" />
|
<File Id="MODSECURITY_42_COMMENT_SPAM.DATA" Name="modsecurity_42_comment_spam.data" Source="release\owasp_crs\optional_rules\modsecurity_42_comment_spam.data" />
|
||||||
</Component>
|
</Component>
|
||||||
<Component Id="MODSECURITY_CRS_10_IGNORE_STATIC.CONF" DiskId="1" Guid="96158473-F431-4906-85F5-D7B7AA447E7A">
|
<Component Id="MODSECURITY_CRS_10_IGNORE_STATIC.CONF" DiskId="1" Guid="38C5BB11-D5CA-4D24-A1AD-A10014225B3E">
|
||||||
<File Id="MODSECURITY_CRS_10_IGNORE_STATIC.CONF" Name="modsecurity_crs_10_ignore_static.conf" Source="release\owasp_crs\optional_rules\modsecurity_crs_10_ignore_static.conf" />
|
<File Id="MODSECURITY_CRS_10_IGNORE_STATIC.CONF" Name="modsecurity_crs_10_ignore_static.conf" Source="release\owasp_crs\optional_rules\modsecurity_crs_10_ignore_static.conf" />
|
||||||
</Component>
|
</Component>
|
||||||
<Component Id="MODSECURITY_CRS_11_AVS_TRAFFIC.CONF" DiskId="1" Guid="ED2E3682-0C34-41A6-9F19-64B4627B517A">
|
<Component Id="MODSECURITY_CRS_11_AVS_TRAFFIC.CONF" DiskId="1" Guid="A89C0F8A-72CE-450F-ABF6-7AA3BFEB83CA">
|
||||||
<File Id="MODSECURITY_CRS_11_AVS_TRAFFIC.CONF" Name="modsecurity_crs_11_avs_traffic.conf" Source="release\owasp_crs\optional_rules\modsecurity_crs_11_avs_traffic.conf" />
|
<File Id="MODSECURITY_CRS_11_AVS_TRAFFIC.CONF" Name="modsecurity_crs_11_avs_traffic.conf" Source="release\owasp_crs\optional_rules\modsecurity_crs_11_avs_traffic.conf" />
|
||||||
</Component>
|
</Component>
|
||||||
<Component Id="MODSECURITY_CRS_13_XML_ENABLER.CONF" DiskId="1" Guid="A5623DB6-DBBF-4AC3-95EF-8990C61F636A">
|
<Component Id="MODSECURITY_CRS_13_XML_ENABLER.CONF" DiskId="1" Guid="1399D33C-70B7-48BF-B757-04B77F502DEB">
|
||||||
<File Id="MODSECURITY_CRS_13_XML_ENABLER.CONF" Name="modsecurity_crs_13_xml_enabler.conf" Source="release\owasp_crs\optional_rules\modsecurity_crs_13_xml_enabler.conf" />
|
<File Id="MODSECURITY_CRS_13_XML_ENABLER.CONF" Name="modsecurity_crs_13_xml_enabler.conf" Source="release\owasp_crs\optional_rules\modsecurity_crs_13_xml_enabler.conf" />
|
||||||
</Component>
|
</Component>
|
||||||
<Component Id="MODSECURITY_CRS_16_AUTHENTICATION_TRACKING.CONF" DiskId="1" Guid="DEC1E733-5A8B-4435-AFC5-C8C02195CCD6">
|
<Component Id="MODSECURITY_CRS_16_AUTHENTICATION_TRACKING.CONF" DiskId="1" Guid="E2D8C3F5-7D9B-4407-9D9F-F433F4E1F01B">
|
||||||
<File Id="MODSECURITY_CRS_16_AUTHENTICATION_TRACKING.CONF" Name="modsecurity_crs_16_authentication_tracking.conf" Source="release\owasp_crs\optional_rules\modsecurity_crs_16_authentication_tracking.conf" />
|
<File Id="MODSECURITY_CRS_16_AUTHENTICATION_TRACKING.CONF" Name="modsecurity_crs_16_authentication_tracking.conf" Source="release\owasp_crs\optional_rules\modsecurity_crs_16_authentication_tracking.conf" />
|
||||||
</Component>
|
</Component>
|
||||||
<Component Id="MODSECURITY_CRS_16_SESSION_HIJACKING.CONF" DiskId="1" Guid="948F9321-BD22-452B-AD51-C2CEA922329D">
|
<Component Id="MODSECURITY_CRS_16_SESSION_HIJACKING.CONF" DiskId="1" Guid="1E6A5036-CF10-4D48-8209-6B0FCBE4A24B">
|
||||||
<File Id="MODSECURITY_CRS_16_SESSION_HIJACKING.CONF" Name="modsecurity_crs_16_session_hijacking.conf" Source="release\owasp_crs\optional_rules\modsecurity_crs_16_session_hijacking.conf" />
|
<File Id="MODSECURITY_CRS_16_SESSION_HIJACKING.CONF" Name="modsecurity_crs_16_session_hijacking.conf" Source="release\owasp_crs\optional_rules\modsecurity_crs_16_session_hijacking.conf" />
|
||||||
</Component>
|
</Component>
|
||||||
<Component Id="MODSECURITY_CRS_16_USERNAME_TRACKING.CONF" DiskId="1" Guid="9EFD8BE9-4608-4432-83F2-94631B773DD4">
|
<Component Id="MODSECURITY_CRS_16_USERNAME_TRACKING.CONF" DiskId="1" Guid="028E96D3-8C3C-4CD1-BBE4-F57A6347B85D">
|
||||||
<File Id="MODSECURITY_CRS_16_USERNAME_TRACKING.CONF" Name="modsecurity_crs_16_username_tracking.conf" Source="release\owasp_crs\optional_rules\modsecurity_crs_16_username_tracking.conf" />
|
<File Id="MODSECURITY_CRS_16_USERNAME_TRACKING.CONF" Name="modsecurity_crs_16_username_tracking.conf" Source="release\owasp_crs\optional_rules\modsecurity_crs_16_username_tracking.conf" />
|
||||||
</Component>
|
</Component>
|
||||||
<Component Id="MODSECURITY_CRS_25_CC_KNOWN.CONF" DiskId="1" Guid="2CC330A7-A062-4817-B660-267B80C7812E">
|
<Component Id="MODSECURITY_CRS_25_CC_KNOWN.CONF" DiskId="1" Guid="450F7C2C-8B0D-4A59-9094-6971C54318DE">
|
||||||
<File Id="MODSECURITY_CRS_25_CC_KNOWN.CONF" Name="modsecurity_crs_25_cc_known.conf" Source="release\owasp_crs\optional_rules\modsecurity_crs_25_cc_known.conf" />
|
<File Id="MODSECURITY_CRS_25_CC_KNOWN.CONF" Name="modsecurity_crs_25_cc_known.conf" Source="release\owasp_crs\optional_rules\modsecurity_crs_25_cc_known.conf" />
|
||||||
</Component>
|
</Component>
|
||||||
<Component Id="MODSECURITY_CRS_42_COMMENT_SPAM.CONF" DiskId="1" Guid="0CABCC34-2C7B-4869-A9AB-B733C5176016">
|
<Component Id="MODSECURITY_CRS_42_COMMENT_SPAM.CONF" DiskId="1" Guid="35A7A16E-CE14-433B-9C55-4A319CF6243B">
|
||||||
<File Id="MODSECURITY_CRS_42_COMMENT_SPAM.CONF" Name="modsecurity_crs_42_comment_spam.conf" Source="release\owasp_crs\optional_rules\modsecurity_crs_42_comment_spam.conf" />
|
<File Id="MODSECURITY_CRS_42_COMMENT_SPAM.CONF" Name="modsecurity_crs_42_comment_spam.conf" Source="release\owasp_crs\optional_rules\modsecurity_crs_42_comment_spam.conf" />
|
||||||
</Component>
|
</Component>
|
||||||
<Component Id="MODSECURITY_CRS_43_CSRF_PROTECTION.CONF" DiskId="1" Guid="07EB4ED4-F03D-43F2-94B1-F12961472268">
|
<Component Id="MODSECURITY_CRS_43_CSRF_PROTECTION.CONF" DiskId="1" Guid="1782BFBE-8575-4914-9694-C1825BF3C83A">
|
||||||
<File Id="MODSECURITY_CRS_43_CSRF_PROTECTION.CONF" Name="modsecurity_crs_43_csrf_protection.conf" Source="release\owasp_crs\optional_rules\modsecurity_crs_43_csrf_protection.conf" />
|
<File Id="MODSECURITY_CRS_43_CSRF_PROTECTION.CONF" Name="modsecurity_crs_43_csrf_protection.conf" Source="release\owasp_crs\optional_rules\modsecurity_crs_43_csrf_protection.conf" />
|
||||||
</Component>
|
</Component>
|
||||||
<Component Id="MODSECURITY_CRS_46_AV_SCANNING.CONF" DiskId="1" Guid="2DFCE9D4-4BAE-4898-8D2C-51C6C5CE521F">
|
<Component Id="MODSECURITY_CRS_46_AV_SCANNING.CONF" DiskId="1" Guid="A9F1CE92-B4F5-485E-AA1E-D99184BD8F39">
|
||||||
<File Id="MODSECURITY_CRS_46_AV_SCANNING.CONF" Name="modsecurity_crs_46_av_scanning.conf" Source="release\owasp_crs\optional_rules\modsecurity_crs_46_av_scanning.conf" />
|
<File Id="MODSECURITY_CRS_46_AV_SCANNING.CONF" Name="modsecurity_crs_46_av_scanning.conf" Source="release\owasp_crs\optional_rules\modsecurity_crs_46_av_scanning.conf" />
|
||||||
</Component>
|
</Component>
|
||||||
<Component Id="MODSECURITY_CRS_47_SKIP_OUTBOUND_CHECKS.CONF" DiskId="1" Guid="4D8359B5-7016-48B3-9879-5873EDC6204E">
|
<Component Id="MODSECURITY_CRS_47_SKIP_OUTBOUND_CHECKS.CONF" DiskId="1" Guid="80D6A043-50DC-4E84-AC1B-1F9DEE074D89">
|
||||||
<File Id="MODSECURITY_CRS_47_SKIP_OUTBOUND_CHECKS.CONF" Name="modsecurity_crs_47_skip_outbound_checks.conf" Source="release\owasp_crs\optional_rules\modsecurity_crs_47_skip_outbound_checks.conf" />
|
<File Id="MODSECURITY_CRS_47_SKIP_OUTBOUND_CHECKS.CONF" Name="modsecurity_crs_47_skip_outbound_checks.conf" Source="release\owasp_crs\optional_rules\modsecurity_crs_47_skip_outbound_checks.conf" />
|
||||||
</Component>
|
</Component>
|
||||||
<Component Id="MODSECURITY_CRS_49_HEADER_TAGGING.CONF" DiskId="1" Guid="922996BE-D201-4AD3-AA6D-1D5F5F75F1FC">
|
<Component Id="MODSECURITY_CRS_49_HEADER_TAGGING.CONF" DiskId="1" Guid="6FBEA0F5-94B5-447C-9F3D-230B5C9109FB">
|
||||||
<File Id="MODSECURITY_CRS_49_HEADER_TAGGING.CONF" Name="modsecurity_crs_49_header_tagging.conf" Source="release\owasp_crs\optional_rules\modsecurity_crs_49_header_tagging.conf" />
|
<File Id="MODSECURITY_CRS_49_HEADER_TAGGING.CONF" Name="modsecurity_crs_49_header_tagging.conf" Source="release\owasp_crs\optional_rules\modsecurity_crs_49_header_tagging.conf" />
|
||||||
</Component>
|
</Component>
|
||||||
<Component Id="MODSECURITY_CRS_55_APPLICATION_DEFECTS.CONF" DiskId="1" Guid="26C758AC-66CD-4FDC-807E-0995396532FD">
|
<Component Id="MODSECURITY_CRS_55_APPLICATION_DEFECTS.CONF" DiskId="1" Guid="BB8BDC87-4B50-4CE6-9893-7C53AD3EC971">
|
||||||
<File Id="MODSECURITY_CRS_55_APPLICATION_DEFECTS.CONF" Name="modsecurity_crs_55_application_defects.conf" Source="release\owasp_crs\optional_rules\modsecurity_crs_55_application_defects.conf" />
|
<File Id="MODSECURITY_CRS_55_APPLICATION_DEFECTS.CONF" Name="modsecurity_crs_55_application_defects.conf" Source="release\owasp_crs\optional_rules\modsecurity_crs_55_application_defects.conf" />
|
||||||
</Component>
|
</Component>
|
||||||
<Component Id="MODSECURITY_CRS_55_MARKETING.CONF" DiskId="1" Guid="C204FF45-5797-4711-98A4-4679F64B3D1C">
|
<Component Id="MODSECURITY_CRS_55_MARKETING.CONF" DiskId="1" Guid="90CDE413-E4B0-4609-83F1-210545203880">
|
||||||
<File Id="MODSECURITY_CRS_55_MARKETING.CONF" Name="modsecurity_crs_55_marketing.conf" Source="release\owasp_crs\optional_rules\modsecurity_crs_55_marketing.conf" />
|
<File Id="MODSECURITY_CRS_55_MARKETING.CONF" Name="modsecurity_crs_55_marketing.conf" Source="release\owasp_crs\optional_rules\modsecurity_crs_55_marketing.conf" />
|
||||||
</Component>
|
</Component>
|
||||||
</Directory>
|
</Directory>
|
||||||
<Directory Id="SLR_RULES" Name="slr_rules">
|
<Directory Id="SLR_RULES" Name="slr_rules">
|
||||||
<Component Id="MODSECURITY_46_SLR_ET_JOOMLA.DATA" DiskId="1" Guid="4B91B390-AE82-48DB-8574-1A5728310105">
|
<Component Id="MODSECURITY_46_SLR_ET_JOOMLA.DATA" DiskId="1" Guid="A880D035-8933-4A83-9D14-2FE010F4BF79">
|
||||||
<File Id="MODSECURITY_46_SLR_ET_JOOMLA.DATA" Name="modsecurity_46_slr_et_joomla.data" Source="release\owasp_crs\slr_rules\modsecurity_46_slr_et_joomla.data" />
|
<File Id="MODSECURITY_46_SLR_ET_JOOMLA.DATA" Name="modsecurity_46_slr_et_joomla.data" Source="release\owasp_crs\slr_rules\modsecurity_46_slr_et_joomla.data" />
|
||||||
</Component>
|
</Component>
|
||||||
<Component Id="MODSECURITY_46_SLR_ET_LFI.DATA" DiskId="1" Guid="860B9440-0F02-4B04-8855-CE65A6CCEC0E">
|
<Component Id="MODSECURITY_46_SLR_ET_LFI.DATA" DiskId="1" Guid="8D276187-4464-4B1C-AAB7-BBBF04B235CF">
|
||||||
<File Id="MODSECURITY_46_SLR_ET_LFI.DATA" Name="modsecurity_46_slr_et_lfi.data" Source="release\owasp_crs\slr_rules\modsecurity_46_slr_et_lfi.data" />
|
<File Id="MODSECURITY_46_SLR_ET_LFI.DATA" Name="modsecurity_46_slr_et_lfi.data" Source="release\owasp_crs\slr_rules\modsecurity_46_slr_et_lfi.data" />
|
||||||
</Component>
|
</Component>
|
||||||
<Component Id="MODSECURITY_46_SLR_ET_PHPBB.DATA" DiskId="1" Guid="7E381488-A9A9-4908-AA86-B40C381485CC">
|
<Component Id="MODSECURITY_46_SLR_ET_PHPBB.DATA" DiskId="1" Guid="4E0D55ED-B346-41E4-BA75-A1E008D5595B">
|
||||||
<File Id="MODSECURITY_46_SLR_ET_PHPBB.DATA" Name="modsecurity_46_slr_et_phpbb.data" Source="release\owasp_crs\slr_rules\modsecurity_46_slr_et_phpbb.data" />
|
<File Id="MODSECURITY_46_SLR_ET_PHPBB.DATA" Name="modsecurity_46_slr_et_phpbb.data" Source="release\owasp_crs\slr_rules\modsecurity_46_slr_et_phpbb.data" />
|
||||||
</Component>
|
</Component>
|
||||||
<Component Id="MODSECURITY_46_SLR_ET_RFI.DATA" DiskId="1" Guid="4A3ECA18-9710-4E43-8E5F-73837C41A1AA">
|
<Component Id="MODSECURITY_46_SLR_ET_RFI.DATA" DiskId="1" Guid="437E4792-C537-49ED-990A-FB6980E414B7">
|
||||||
<File Id="MODSECURITY_46_SLR_ET_RFI.DATA" Name="modsecurity_46_slr_et_rfi.data" Source="release\owasp_crs\slr_rules\modsecurity_46_slr_et_rfi.data" />
|
<File Id="MODSECURITY_46_SLR_ET_RFI.DATA" Name="modsecurity_46_slr_et_rfi.data" Source="release\owasp_crs\slr_rules\modsecurity_46_slr_et_rfi.data" />
|
||||||
</Component>
|
</Component>
|
||||||
<Component Id="MODSECURITY_46_SLR_ET_SQLI.DATA" DiskId="1" Guid="687D0BDD-2729-4D28-8CF9-E461EA9CE3F4">
|
<Component Id="MODSECURITY_46_SLR_ET_SQLI.DATA" DiskId="1" Guid="FD80B47F-D98E-4878-903A-15F1A971DE56">
|
||||||
<File Id="MODSECURITY_46_SLR_ET_SQLI.DATA" Name="modsecurity_46_slr_et_sqli.data" Source="release\owasp_crs\slr_rules\modsecurity_46_slr_et_sqli.data" />
|
<File Id="MODSECURITY_46_SLR_ET_SQLI.DATA" Name="modsecurity_46_slr_et_sqli.data" Source="release\owasp_crs\slr_rules\modsecurity_46_slr_et_sqli.data" />
|
||||||
</Component>
|
</Component>
|
||||||
<Component Id="MODSECURITY_46_SLR_ET_WORDPRESS.DATA" DiskId="1" Guid="56DADFEC-00EB-4CB6-9D58-E75D944A6050">
|
<Component Id="MODSECURITY_46_SLR_ET_WORDPRESS.DATA" DiskId="1" Guid="A7BD059D-3C96-4C36-AC72-C1697A65CAAD">
|
||||||
<File Id="MODSECURITY_46_SLR_ET_WORDPRESS.DATA" Name="modsecurity_46_slr_et_wordpress.data" Source="release\owasp_crs\slr_rules\modsecurity_46_slr_et_wordpress.data" />
|
<File Id="MODSECURITY_46_SLR_ET_WORDPRESS.DATA" Name="modsecurity_46_slr_et_wordpress.data" Source="release\owasp_crs\slr_rules\modsecurity_46_slr_et_wordpress.data" />
|
||||||
</Component>
|
</Component>
|
||||||
<Component Id="MODSECURITY_46_SLR_ET_XSS.DATA" DiskId="1" Guid="F43D476B-0FE8-4CDB-85D3-EB3667B63AD2">
|
<Component Id="MODSECURITY_46_SLR_ET_XSS.DATA" DiskId="1" Guid="2B284399-9BBD-4F25-81B9-40D5FCF66576">
|
||||||
<File Id="MODSECURITY_46_SLR_ET_XSS.DATA" Name="modsecurity_46_slr_et_xss.data" Source="release\owasp_crs\slr_rules\modsecurity_46_slr_et_xss.data" />
|
<File Id="MODSECURITY_46_SLR_ET_XSS.DATA" Name="modsecurity_46_slr_et_xss.data" Source="release\owasp_crs\slr_rules\modsecurity_46_slr_et_xss.data" />
|
||||||
</Component>
|
</Component>
|
||||||
<Component Id="MODSECURITY_CRS_46_SLR_ET_JOOMLA_ATTACKS.CONF" DiskId="1" Guid="CD380062-36C4-4A87-8814-FE98F9CC45ED">
|
<Component Id="MODSECURITY_CRS_46_SLR_ET_JOOMLA_ATTACKS.CONF" DiskId="1" Guid="981DAB23-63E8-4BD0-9ABD-D719B4A3313B">
|
||||||
<File Id="MODSECURITY_CRS_46_SLR_ET_JOOMLA_ATTACKS.CONF" Name="modsecurity_crs_46_slr_et_joomla_attacks.conf" Source="release\owasp_crs\slr_rules\modsecurity_crs_46_slr_et_joomla_attacks.conf" />
|
<File Id="MODSECURITY_CRS_46_SLR_ET_JOOMLA_ATTACKS.CONF" Name="modsecurity_crs_46_slr_et_joomla_attacks.conf" Source="release\owasp_crs\slr_rules\modsecurity_crs_46_slr_et_joomla_attacks.conf" />
|
||||||
</Component>
|
</Component>
|
||||||
<Component Id="MODSECURITY_CRS_46_SLR_ET_LFI_ATTACKS.CONF" DiskId="1" Guid="FFF51311-E77D-48BC-8257-98407445693F">
|
<Component Id="MODSECURITY_CRS_46_SLR_ET_LFI_ATTACKS.CONF" DiskId="1" Guid="AC8469DC-2DF7-49A8-9439-4F47253EAB90">
|
||||||
<File Id="MODSECURITY_CRS_46_SLR_ET_LFI_ATTACKS.CONF" Name="modsecurity_crs_46_slr_et_lfi_attacks.conf" Source="release\owasp_crs\slr_rules\modsecurity_crs_46_slr_et_lfi_attacks.conf" />
|
<File Id="MODSECURITY_CRS_46_SLR_ET_LFI_ATTACKS.CONF" Name="modsecurity_crs_46_slr_et_lfi_attacks.conf" Source="release\owasp_crs\slr_rules\modsecurity_crs_46_slr_et_lfi_attacks.conf" />
|
||||||
</Component>
|
</Component>
|
||||||
<Component Id="MODSECURITY_CRS_46_SLR_ET_PHPBB_ATTACKS.CONF" DiskId="1" Guid="EFD56A4B-DC25-478A-8028-9B57F41127E6">
|
<Component Id="MODSECURITY_CRS_46_SLR_ET_PHPBB_ATTACKS.CONF" DiskId="1" Guid="92B9316A-DA96-4CF6-964F-8AE9F8F7DDAD">
|
||||||
<File Id="MODSECURITY_CRS_46_SLR_ET_PHPBB_ATTACKS.CONF" Name="modsecurity_crs_46_slr_et_phpbb_attacks.conf" Source="release\owasp_crs\slr_rules\modsecurity_crs_46_slr_et_phpbb_attacks.conf" />
|
<File Id="MODSECURITY_CRS_46_SLR_ET_PHPBB_ATTACKS.CONF" Name="modsecurity_crs_46_slr_et_phpbb_attacks.conf" Source="release\owasp_crs\slr_rules\modsecurity_crs_46_slr_et_phpbb_attacks.conf" />
|
||||||
</Component>
|
</Component>
|
||||||
<Component Id="MODSECURITY_CRS_46_SLR_ET_RFI_ATTACKS.CONF" DiskId="1" Guid="82F6F0DE-BCC3-453B-8BC6-8E4F27019516">
|
<Component Id="MODSECURITY_CRS_46_SLR_ET_RFI_ATTACKS.CONF" DiskId="1" Guid="BBFCC3E1-0E62-4202-9BE8-3EA1DB0C2387">
|
||||||
<File Id="MODSECURITY_CRS_46_SLR_ET_RFI_ATTACKS.CONF" Name="modsecurity_crs_46_slr_et_rfi_attacks.conf" Source="release\owasp_crs\slr_rules\modsecurity_crs_46_slr_et_rfi_attacks.conf" />
|
<File Id="MODSECURITY_CRS_46_SLR_ET_RFI_ATTACKS.CONF" Name="modsecurity_crs_46_slr_et_rfi_attacks.conf" Source="release\owasp_crs\slr_rules\modsecurity_crs_46_slr_et_rfi_attacks.conf" />
|
||||||
</Component>
|
</Component>
|
||||||
<Component Id="MODSECURITY_CRS_46_SLR_ET_SQLI_ATTACKS.CONF" DiskId="1" Guid="E8040B72-87F0-4844-B611-4D0D1956B75C">
|
<Component Id="MODSECURITY_CRS_46_SLR_ET_SQLI_ATTACKS.CONF" DiskId="1" Guid="5106909C-0F9A-4E1A-88F5-93B27BFD33B8">
|
||||||
<File Id="MODSECURITY_CRS_46_SLR_ET_SQLI_ATTACKS.CONF" Name="modsecurity_crs_46_slr_et_sqli_attacks.conf" Source="release\owasp_crs\slr_rules\modsecurity_crs_46_slr_et_sqli_attacks.conf" />
|
<File Id="MODSECURITY_CRS_46_SLR_ET_SQLI_ATTACKS.CONF" Name="modsecurity_crs_46_slr_et_sqli_attacks.conf" Source="release\owasp_crs\slr_rules\modsecurity_crs_46_slr_et_sqli_attacks.conf" />
|
||||||
</Component>
|
</Component>
|
||||||
<Component Id="MODSECURITY_CRS_46_SLR_ET_WORDPRESS_ATTACKS.CONF" DiskId="1" Guid="80F634F2-8DF1-4FE5-89F1-02923D940FF2">
|
<Component Id="MODSECURITY_CRS_46_SLR_ET_WORDPRESS_ATTACKS.CONF" DiskId="1" Guid="E77E12C3-22DB-4F57-93FA-56256722F21A">
|
||||||
<File Id="MODSECURITY_CRS_46_SLR_ET_WORDPRESS_ATTACKS.CONF" Name="modsecurity_crs_46_slr_et_wordpress_attacks.conf" Source="release\owasp_crs\slr_rules\modsecurity_crs_46_slr_et_wordpress_attacks.conf" />
|
<File Id="MODSECURITY_CRS_46_SLR_ET_WORDPRESS_ATTACKS.CONF" Name="modsecurity_crs_46_slr_et_wordpress_attacks.conf" Source="release\owasp_crs\slr_rules\modsecurity_crs_46_slr_et_wordpress_attacks.conf" />
|
||||||
</Component>
|
</Component>
|
||||||
<Component Id="MODSECURITY_CRS_46_SLR_ET_XSS_ATTACKS.CONF" DiskId="1" Guid="56CE53A9-D090-4EAB-8E2C-C2C504EE602A">
|
<Component Id="MODSECURITY_CRS_46_SLR_ET_XSS_ATTACKS.CONF" DiskId="1" Guid="456D8604-CE06-498D-BC2F-105D54C66CFB">
|
||||||
<File Id="MODSECURITY_CRS_46_SLR_ET_XSS_ATTACKS.CONF" Name="modsecurity_crs_46_slr_et_xss_attacks.conf" Source="release\owasp_crs\slr_rules\modsecurity_crs_46_slr_et_xss_attacks.conf" />
|
<File Id="MODSECURITY_CRS_46_SLR_ET_XSS_ATTACKS.CONF" Name="modsecurity_crs_46_slr_et_xss_attacks.conf" Source="release\owasp_crs\slr_rules\modsecurity_crs_46_slr_et_xss_attacks.conf" />
|
||||||
</Component>
|
</Component>
|
||||||
</Directory>
|
</Directory>
|
||||||
<Directory Id="UTIL" Name="util">
|
<Directory Id="UTIL" Name="util">
|
||||||
<Component Id="ARACHNI2MODSEC.PL" DiskId="1" Guid="41AA7511-E5C5-4117-9EF1-F406E5D06A67">
|
<Component Id="README_1" DiskId="1" Guid="A95D50D7-4E87-4A87-BAD1-12370B8F5B9B">
|
||||||
<File Id="ARACHNI2MODSEC.PL" Name="arachni2modsec.pl" Source="release\owasp_crs\util\arachni2modsec.pl" />
|
|
||||||
</Component>
|
|
||||||
<Component Id="README_1" DiskId="1" Guid="29A0E592-6A81-46DA-B5C8-D49C7AB96EAE">
|
|
||||||
<File Id="README_1" Name="README" Source="release\owasp_crs\util\README" />
|
<File Id="README_1" Name="README" Source="release\owasp_crs\util\README" />
|
||||||
</Component>
|
</Component>
|
||||||
<Component Id="RULES_UPDATER_EXAMPLE.CONF" DiskId="1" Guid="CAB3D664-0D1C-43A2-BEC4-A3AED2AFA5FA">
|
|
||||||
<File Id="RULES_UPDATER_EXAMPLE.CONF" Name="rules-updater-example.conf" Source="release\owasp_crs\util\rules-updater-example.conf" />
|
|
||||||
</Component>
|
|
||||||
<Component Id="RULES_UPDATER.PL" DiskId="1" Guid="EF8CA107-A6BE-426B-9316-5C16F50E4A4E">
|
|
||||||
<File Id="RULES_UPDATER.PL" Name="rules-updater.pl" Source="release\owasp_crs\util\rules-updater.pl" />
|
|
||||||
</Component>
|
|
||||||
<Component Id="RULES_UPDATER.PL.IN" DiskId="1" Guid="4E8FA2B6-FFF5-4880-AC7D-4C6150DB1D6D">
|
|
||||||
<File Id="RULES_UPDATER.PL.IN" Name="rules-updater.pl.in" Source="release\owasp_crs\util\rules-updater.pl.in" />
|
|
||||||
</Component>
|
|
||||||
<Component Id="RUNAV.PL" DiskId="1" Guid="3210B9EB-578C-4258-81FC-123230C8599E">
|
|
||||||
<File Id="RUNAV.PL" Name="runav.pl" Source="release\owasp_crs\util\runav.pl" />
|
|
||||||
</Component>
|
|
||||||
<Component Id="ZAP2MODSEC.PL" DiskId="1" Guid="9D997440-47F3-4604-B38C-AF543ECD3A96">
|
|
||||||
<File Id="ZAP2MODSEC.PL" Name="zap2modsec.pl" Source="release\owasp_crs\util\zap2modsec.pl" />
|
|
||||||
</Component>
|
|
||||||
<Directory Id="AV_SCANNING" Name="av-scanning">
|
<Directory Id="AV_SCANNING" Name="av-scanning">
|
||||||
<Component Id="RUNAV.PL_1" DiskId="1" Guid="2D62BF66-7941-4A87-97E4-B1F93D9B5886">
|
<Component Id="RUNAV.PL" DiskId="1" Guid="398B0257-F78A-4F8C-B313-90D0F61581A9">
|
||||||
<File Id="RUNAV.PL_1" Name="runav.pl" Source="release\owasp_crs\util\av-scanning\runav.pl" />
|
<File Id="RUNAV.PL" Name="runav.pl" Source="release\owasp_crs\util\av-scanning\runav.pl" />
|
||||||
</Component>
|
</Component>
|
||||||
<Directory Id="RUNAV" Name="runAV">
|
<Directory Id="RUNAV" Name="runAV">
|
||||||
<Component Id="COMMON.C" DiskId="1" Guid="7F7BD792-97E0-4637-A35C-5B80E324B4A4">
|
<Component Id="COMMON.C" DiskId="1" Guid="3EA0484E-5E42-43C3-B89B-71BCC89DBB4F">
|
||||||
<File Id="COMMON.C" Name="common.c" Source="release\owasp_crs\util\av-scanning\runAV\common.c" />
|
<File Id="COMMON.C" Name="common.c" Source="release\owasp_crs\util\av-scanning\runAV\common.c" />
|
||||||
</Component>
|
</Component>
|
||||||
<Component Id="COMMON.H" DiskId="1" Guid="CEBEA427-E4F7-41A7-AAF5-B6247D81B7E9">
|
<Component Id="COMMON.H" DiskId="1" Guid="29504C05-6147-4957-8390-60F039463FA9">
|
||||||
<File Id="COMMON.H" Name="common.h" Source="release\owasp_crs\util\av-scanning\runAV\common.h" />
|
<File Id="COMMON.H" Name="common.h" Source="release\owasp_crs\util\av-scanning\runAV\common.h" />
|
||||||
</Component>
|
</Component>
|
||||||
<Component Id="COMP" DiskId="1" Guid="D302E1A7-6401-495F-A7C8-9289E6F70792">
|
<Component Id="COMP" DiskId="1" Guid="CEB59BC0-C76D-4DBA-B0A0-42124A020FE4">
|
||||||
<File Id="COMP" Name="comp" Source="release\owasp_crs\util\av-scanning\runAV\comp" />
|
<File Id="COMP" Name="comp" Source="release\owasp_crs\util\av-scanning\runAV\comp" />
|
||||||
</Component>
|
</Component>
|
||||||
<Component Id="RUNAV_CLAMD.C" DiskId="1" Guid="537BC1F4-1F53-4296-BDDA-6B14CD46BFF9">
|
<Component Id="RUNAV_CLAMD.C" DiskId="1" Guid="FB6785F2-D985-4E68-8D7C-CBB0CDB7044F">
|
||||||
<File Id="RUNAV_CLAMD.C" Name="runAV-clamd.c" Source="release\owasp_crs\util\av-scanning\runAV\runAV-clamd.c" />
|
<File Id="RUNAV_CLAMD.C" Name="runAV-clamd.c" Source="release\owasp_crs\util\av-scanning\runAV\runAV-clamd.c" />
|
||||||
</Component>
|
</Component>
|
||||||
<Component Id="RUNAV.C" DiskId="1" Guid="8B3EF6F6-29A4-4470-BCA1-F186AECDF1D7">
|
<Component Id="RUNAV.C" DiskId="1" Guid="6121CDE1-8E12-41A0-812D-E8CD0540FCB9">
|
||||||
<File Id="RUNAV.C" Name="runAV.c" Source="release\owasp_crs\util\av-scanning\runAV\runAV.c" />
|
<File Id="RUNAV.C" Name="runAV.c" Source="release\owasp_crs\util\av-scanning\runAV\runAV.c" />
|
||||||
</Component>
|
</Component>
|
||||||
</Directory>
|
</Directory>
|
||||||
</Directory>
|
</Directory>
|
||||||
<Directory Id="BROWSER_TOOLS" Name="browser-tools">
|
<Directory Id="BROWSER_TOOLS" Name="browser-tools">
|
||||||
<Component Id="JS_OVERRIDES.JS" DiskId="1" Guid="C79ABB29-E0E4-496A-98B4-BF686A68FB95">
|
<Component Id="JS_OVERRIDES.JS" DiskId="1" Guid="A81D4319-9C26-4E29-A0BD-FC2DED0045A7">
|
||||||
<File Id="JS_OVERRIDES.JS" Name="js-overrIdes.js" Source="release\owasp_crs\util\browser-tools\js-overrIdes.js" />
|
<File Id="JS_OVERRIDES.JS" Name="js-overrides.js" Source="release\owasp_crs\util\browser-tools\js-overrides.js" />
|
||||||
</Component>
|
</Component>
|
||||||
</Directory>
|
</Directory>
|
||||||
<Directory Id="HONEYPOT_SENSOR" Name="honeypot-sensor">
|
<Directory Id="HONEYPOT_SENSOR" Name="honeypot-sensor">
|
||||||
<Component Id="MLOGC_HONEYPOT_SENSOR.CONF" DiskId="1" Guid="DAAF1A6E-8FA5-40A0-8A19-46027A9C8E6C">
|
<Component Id="MLOGC_HONEYPOT_SENSOR.CONF" DiskId="1" Guid="3D3DD51F-70FF-41CE-A756-2C2935A71BA8">
|
||||||
<File Id="MLOGC_HONEYPOT_SENSOR.CONF" Name="mlogc-honeypot-sensor.conf" Source="release\owasp_crs\util\honeypot-sensor\mlogc-honeypot-sensor.conf" />
|
<File Id="MLOGC_HONEYPOT_SENSOR.CONF" Name="mlogc-honeypot-sensor.conf" Source="release\owasp_crs\util\honeypot-sensor\mlogc-honeypot-sensor.conf" />
|
||||||
</Component>
|
</Component>
|
||||||
<Component Id="MODSECURITY_CRS_10_HONEYPOT.CONF" DiskId="1" Guid="A7AF2790-6ADB-4490-9F75-C011D79950AC">
|
<Component Id="MODSECURITY_CRS_10_HONEYPOT.CONF" DiskId="1" Guid="5F643F1F-1AEA-404B-9261-2FBE34620C70">
|
||||||
<File Id="MODSECURITY_CRS_10_HONEYPOT.CONF" Name="modsecurity_crs_10_honeypot.conf" Source="release\owasp_crs\util\honeypot-sensor\modsecurity_crs_10_honeypot.conf" />
|
<File Id="MODSECURITY_CRS_10_HONEYPOT.CONF" Name="modsecurity_crs_10_honeypot.conf" Source="release\owasp_crs\util\honeypot-sensor\modsecurity_crs_10_honeypot.conf" />
|
||||||
</Component>
|
</Component>
|
||||||
<Component Id="README.MD_1" DiskId="1" Guid="5A3AD317-9E54-4BAB-9021-98685248DA8A">
|
<Component Id="README.MD_1" DiskId="1" Guid="35D1829A-13D8-4CC9-8706-6EC4EBB56C53">
|
||||||
<File Id="README.MD_1" Name="README.md" Source="release\owasp_crs\util\honeypot-sensor\README.md" />
|
<File Id="README.MD_1" Name="README.md" Source="release\owasp_crs\util\honeypot-sensor\README.md" />
|
||||||
</Component>
|
</Component>
|
||||||
</Directory>
|
</Directory>
|
||||||
<Directory Id="HONEYPOT_SENSOR_1" Name="honeypot_sensor">
|
|
||||||
<Component Id="MLOGC_HONEYPOT_SENSOR.CONF_1" DiskId="1" Guid="E73ECCC5-081D-4905-B2F2-065E54DEBDC6">
|
|
||||||
<File Id="MLOGC_HONEYPOT_SENSOR.CONF_1" Name="mlogc-honeypot-sensor.conf" Source="release\owasp_crs\util\honeypot_sensor\mlogc-honeypot-sensor.conf" />
|
|
||||||
</Component>
|
|
||||||
<Component Id="MODSECURITY_CRS_10_HONEYPOT.CONF_1" DiskId="1" Guid="F1F04065-3A89-46C5-BF6A-9E62485E51C1">
|
|
||||||
<File Id="MODSECURITY_CRS_10_HONEYPOT.CONF_1" Name="modsecurity_crs_10_honeypot.conf" Source="release\owasp_crs\util\honeypot_sensor\modsecurity_crs_10_honeypot.conf" />
|
|
||||||
</Component>
|
|
||||||
<Component Id="README.MD_2" DiskId="1" Guid="8D137680-3CF8-4A6B-BB04-EE7419E91AD8">
|
|
||||||
<File Id="README.MD_2" Name="README.md" Source="release\owasp_crs\util\honeypot_sensor\README.md" />
|
|
||||||
</Component>
|
|
||||||
</Directory>
|
|
||||||
<Directory Id="REGRESSION_TESTS" Name="regression-tests">
|
<Directory Id="REGRESSION_TESTS" Name="regression-tests">
|
||||||
<Component Id="INSTALL_1" DiskId="1" Guid="6357E533-46C6-48AE-8E67-67DD4BF9CD8D">
|
<Component Id="INSTALL_1" DiskId="1" Guid="02AF3C5A-DCF9-4DB6-A1C8-B1EF140C8EBC">
|
||||||
<File Id="INSTALL_1" Name="INSTALL" Source="release\owasp_crs\util\regression-tests\INSTALL" />
|
<File Id="INSTALL_1" Name="INSTALL" Source="release\owasp_crs\util\regression-tests\INSTALL" />
|
||||||
</Component>
|
</Component>
|
||||||
<Component Id="MODSECURITY_CRS_59_HEADER_TAGGING.CONF" DiskId="1" Guid="322F2EAD-6241-43C0-A4C0-93B483F2EB84">
|
<Component Id="MODSECURITY_CRS_59_HEADER_TAGGING.CONF" DiskId="1" Guid="42C2D42E-DCAE-4212-8B43-ABA5F8467393">
|
||||||
<File Id="MODSECURITY_CRS_59_HEADER_TAGGING.CONF" Name="modsecurity_crs_59_header_tagging.conf" Source="release\owasp_crs\util\regression-tests\modsecurity_crs_59_header_tagging.conf" />
|
<File Id="MODSECURITY_CRS_59_HEADER_TAGGING.CONF" Name="modsecurity_crs_59_header_tagging.conf" Source="release\owasp_crs\util\regression-tests\modsecurity_crs_59_header_tagging.conf" />
|
||||||
</Component>
|
</Component>
|
||||||
<Component Id="README_2" DiskId="1" Guid="C3CBCF28-6B7E-402D-87AA-67AB030D210F">
|
<Component Id="README_2" DiskId="1" Guid="E4C933D0-810A-4CD7-9453-9D3CD91785B3">
|
||||||
<File Id="README_2" Name="README" Source="release\owasp_crs\util\regression-tests\README" />
|
<File Id="README_2" Name="README" Source="release\owasp_crs\util\regression-tests\README" />
|
||||||
</Component>
|
</Component>
|
||||||
<Component Id="RULESTEST.CONF" DiskId="1" Guid="B4F1AD14-E69F-453F-BAD1-E28EDD392EB4">
|
<Component Id="RULESTEST.CONF" DiskId="1" Guid="71B11439-F036-4BEB-9052-196E66C89815">
|
||||||
<File Id="RULESTEST.CONF" Name="rulestest.conf" Source="release\owasp_crs\util\regression-tests\rulestest.conf" />
|
<File Id="RULESTEST.CONF" Name="rulestest.conf" Source="release\owasp_crs\util\regression-tests\rulestest.conf" />
|
||||||
</Component>
|
</Component>
|
||||||
<Component Id="RULESTEST.PL" DiskId="1" Guid="1A90C1E0-4614-4F3C-83AF-121769058AA9">
|
<Component Id="RULESTEST.PL" DiskId="1" Guid="B6F99088-BD50-4A1D-9C50-27178593D561">
|
||||||
<File Id="RULESTEST.PL" Name="rulestest.pl" Source="release\owasp_crs\util\regression-tests\rulestest.pl" />
|
<File Id="RULESTEST.PL" Name="rulestest.pl" Source="release\owasp_crs\util\regression-tests\rulestest.pl" />
|
||||||
</Component>
|
</Component>
|
||||||
<Component Id="TESTSERVER.CGI" DiskId="1" Guid="5CE6E51D-2391-4344-A6E4-07F2178EAFD8">
|
<Component Id="TESTSERVER.CGI" DiskId="1" Guid="F2DFC065-4342-4457-8A1D-EFC9229597FF">
|
||||||
<File Id="TESTSERVER.CGI" Name="testserver.cgi" Source="release\owasp_crs\util\regression-tests\testserver.cgi" />
|
<File Id="TESTSERVER.CGI" Name="testserver.cgi" Source="release\owasp_crs\util\regression-tests\testserver.cgi" />
|
||||||
</Component>
|
</Component>
|
||||||
<Directory Id="TESTS" Name="tests">
|
<Directory Id="TESTS" Name="tests">
|
||||||
<Component Id="MODSECURITY_CRS_20_PROTOCOL_VIOLATIONS.TESTS" DiskId="1" Guid="693351B5-7384-470F-B07F-E5E88DDD4690">
|
<Component Id="MODSECURITY_CRS_20_PROTOCOL_VIOLATIONS.TESTS" DiskId="1" Guid="FCCBB8FE-4327-4AF0-AB5C-3120858EBB16">
|
||||||
<File Id="MODSECURITY_CRS_20_PROTOCOL_VIOLATIONS.TESTS" Name="modsecurity_crs_20_protocol_violations.tests" Source="release\owasp_crs\util\regression-tests\tests\modsecurity_crs_20_protocol_violations.tests" />
|
<File Id="MODSECURITY_CRS_20_PROTOCOL_VIOLATIONS.TESTS" Name="modsecurity_crs_20_protocol_violations.tests" Source="release\owasp_crs\util\regression-tests\tests\modsecurity_crs_20_protocol_violations.tests" />
|
||||||
</Component>
|
</Component>
|
||||||
<Component Id="MODSECURITY_CRS_21_PROTOCOL_ANOMALIES.TESTS" DiskId="1" Guid="AED3DB70-BD91-41B2-976A-4051287438FD">
|
<Component Id="MODSECURITY_CRS_21_PROTOCOL_ANOMALIES.TESTS" DiskId="1" Guid="10EA8DFE-BEDC-46F6-8F42-6F9DB7E2BB91">
|
||||||
<File Id="MODSECURITY_CRS_21_PROTOCOL_ANOMALIES.TESTS" Name="modsecurity_crs_21_protocol_anomalies.tests" Source="release\owasp_crs\util\regression-tests\tests\modsecurity_crs_21_protocol_anomalies.tests" />
|
<File Id="MODSECURITY_CRS_21_PROTOCOL_ANOMALIES.TESTS" Name="modsecurity_crs_21_protocol_anomalies.tests" Source="release\owasp_crs\util\regression-tests\tests\modsecurity_crs_21_protocol_anomalies.tests" />
|
||||||
</Component>
|
</Component>
|
||||||
<Component Id="MODSECURITY_CRS_23_REQUEST_LIMITS.TESTS" DiskId="1" Guid="7C486057-74A6-441A-B017-6A753D87F446">
|
<Component Id="MODSECURITY_CRS_23_REQUEST_LIMITS.TESTS" DiskId="1" Guid="D6423225-9D55-44BF-8369-88F0A4169DEC">
|
||||||
<File Id="MODSECURITY_CRS_23_REQUEST_LIMITS.TESTS" Name="modsecurity_crs_23_request_limits.tests" Source="release\owasp_crs\util\regression-tests\tests\modsecurity_crs_23_request_limits.tests" />
|
<File Id="MODSECURITY_CRS_23_REQUEST_LIMITS.TESTS" Name="modsecurity_crs_23_request_limits.tests" Source="release\owasp_crs\util\regression-tests\tests\modsecurity_crs_23_request_limits.tests" />
|
||||||
</Component>
|
</Component>
|
||||||
<Component Id="MODSECURITY_CRS_30_HTTP_POLICY.TESTS" DiskId="1" Guid="FBA95B9B-3E86-434E-BA2A-0B827FA6562F">
|
<Component Id="MODSECURITY_CRS_30_HTTP_POLICY.TESTS" DiskId="1" Guid="AE373E10-4CF1-425A-AA71-826544A268F1">
|
||||||
<File Id="MODSECURITY_CRS_30_HTTP_POLICY.TESTS" Name="modsecurity_crs_30_http_policy.tests" Source="release\owasp_crs\util\regression-tests\tests\modsecurity_crs_30_http_policy.tests" />
|
<File Id="MODSECURITY_CRS_30_HTTP_POLICY.TESTS" Name="modsecurity_crs_30_http_policy.tests" Source="release\owasp_crs\util\regression-tests\tests\modsecurity_crs_30_http_policy.tests" />
|
||||||
</Component>
|
</Component>
|
||||||
<Component Id="MODSECURITY_CRS_35_BAD_ROBOTS.TESTS" DiskId="1" Guid="AD516FD7-D3CC-4266-AC34-8ACF437F35F0">
|
<Component Id="MODSECURITY_CRS_35_BAD_ROBOTS.TESTS" DiskId="1" Guid="F8598994-3565-4900-BA68-62B4CF38079C">
|
||||||
<File Id="MODSECURITY_CRS_35_BAD_ROBOTS.TESTS" Name="modsecurity_crs_35_bad_robots.tests" Source="release\owasp_crs\util\regression-tests\tests\modsecurity_crs_35_bad_robots.tests" />
|
<File Id="MODSECURITY_CRS_35_BAD_ROBOTS.TESTS" Name="modsecurity_crs_35_bad_robots.tests" Source="release\owasp_crs\util\regression-tests\tests\modsecurity_crs_35_bad_robots.tests" />
|
||||||
</Component>
|
</Component>
|
||||||
<Component Id="MODSECURITY_CRS_40_GENERIC_ATTACKS.TESTS" DiskId="1" Guid="B4F5425A-EF25-4ADB-BD83-1B944704E022">
|
<Component Id="MODSECURITY_CRS_40_GENERIC_ATTACKS.TESTS" DiskId="1" Guid="F5ADA896-81BD-48BE-A2D6-07B8D6914602">
|
||||||
<File Id="MODSECURITY_CRS_40_GENERIC_ATTACKS.TESTS" Name="modsecurity_crs_40_generic_attacks.tests" Source="release\owasp_crs\util\regression-tests\tests\modsecurity_crs_40_generic_attacks.tests" />
|
<File Id="MODSECURITY_CRS_40_GENERIC_ATTACKS.TESTS" Name="modsecurity_crs_40_generic_attacks.tests" Source="release\owasp_crs\util\regression-tests\tests\modsecurity_crs_40_generic_attacks.tests" />
|
||||||
</Component>
|
</Component>
|
||||||
<Component Id="MODSECURITY_CRS_41_SQL_INJECTION_ATTACKS.TESTS" DiskId="1" Guid="A7076E0B-CCF7-4B10-9843-68140B9063AE">
|
<Component Id="MODSECURITY_CRS_41_SQL_INJECTION_ATTACKS.TESTS" DiskId="1" Guid="FA1A3FE9-CF6E-47C2-91FD-5CB4B7C38532">
|
||||||
<File Id="MODSECURITY_CRS_41_SQL_INJECTION_ATTACKS.TESTS" Name="modsecurity_crs_41_sql_injection_attacks.tests" Source="release\owasp_crs\util\regression-tests\tests\modsecurity_crs_41_sql_injection_attacks.tests" />
|
<File Id="MODSECURITY_CRS_41_SQL_INJECTION_ATTACKS.TESTS" Name="modsecurity_crs_41_sql_injection_attacks.tests" Source="release\owasp_crs\util\regression-tests\tests\modsecurity_crs_41_sql_injection_attacks.tests" />
|
||||||
</Component>
|
</Component>
|
||||||
<Component Id="MODSECURITY_CRS_41_XSS_ATTACKS.TESTS" DiskId="1" Guid="11AEC2AC-21A7-4336-9139-22D2EB093AB7">
|
<Component Id="MODSECURITY_CRS_41_XSS_ATTACKS.TESTS" DiskId="1" Guid="371184B4-6F7C-4F5A-A7BC-CEA578FF18A5">
|
||||||
<File Id="MODSECURITY_CRS_41_XSS_ATTACKS.TESTS" Name="modsecurity_crs_41_xss_attacks.tests" Source="release\owasp_crs\util\regression-tests\tests\modsecurity_crs_41_xss_attacks.tests" />
|
<File Id="MODSECURITY_CRS_41_XSS_ATTACKS.TESTS" Name="modsecurity_crs_41_xss_attacks.tests" Source="release\owasp_crs\util\regression-tests\tests\modsecurity_crs_41_xss_attacks.tests" />
|
||||||
</Component>
|
</Component>
|
||||||
<Component Id="MODSECURITY_CRS_50_OUTBOUND.TESTS" DiskId="1" Guid="FEC5007A-FED6-4A72-9949-DE9A69BD8E2A">
|
<Component Id="MODSECURITY_CRS_50_OUTBOUND.TESTS" DiskId="1" Guid="5A55697D-5A14-4E45-B0A6-CD9475EA2C3D">
|
||||||
<File Id="MODSECURITY_CRS_50_OUTBOUND.TESTS" Name="modsecurity_crs_50_outbound.tests" Source="release\owasp_crs\util\regression-tests\tests\modsecurity_crs_50_outbound.tests" />
|
<File Id="MODSECURITY_CRS_50_OUTBOUND.TESTS" Name="modsecurity_crs_50_outbound.tests" Source="release\owasp_crs\util\regression-tests\tests\modsecurity_crs_50_outbound.tests" />
|
||||||
</Component>
|
</Component>
|
||||||
<Component Id="RUBY.TESTS" DiskId="1" Guid="5D511DE1-5E45-420F-9471-FFFD72E848E2">
|
<Component Id="RUBY.TESTS" DiskId="1" Guid="F3A13399-D449-4F90-8C0E-E9E5988D45AE">
|
||||||
<File Id="RUBY.TESTS" Name="ruby.tests" Source="release\owasp_crs\util\regression-tests\tests\ruby.tests" />
|
<File Id="RUBY.TESTS" Name="ruby.tests" Source="release\owasp_crs\util\regression-tests\tests\ruby.tests" />
|
||||||
</Component>
|
</Component>
|
||||||
</Directory>
|
</Directory>
|
||||||
</Directory>
|
</Directory>
|
||||||
<Directory Id="REGRESSION_TESTS_1" Name="regression_tests">
|
<Directory Id="RULE_MANAGEMENT" Name="rule-management">
|
||||||
<Component Id="INSTALL_2" DiskId="1" Guid="A78B2EE7-1AEF-4EBE-AC32-897E007A2736">
|
<Component Id="ID_RANGE" DiskId="1" Guid="0368949F-5721-4648-A789-1D5598F327F5">
|
||||||
<File Id="INSTALL_2" Name="INSTALL" Source="release\owasp_crs\util\regression_tests\INSTALL" />
|
<File Id="ID_RANGE" Name="id-range" Source="release\owasp_crs\util\rule-management\id-range" />
|
||||||
</Component>
|
</Component>
|
||||||
<Component Id="MODSECURITY_CRS_59_HEADER_TAGGING.CONF_1" DiskId="1" Guid="B78FC397-148F-4C02-94DA-9E87CAA38E46">
|
<Component Id="REMOVE_2.7_ACTIONS.PL" DiskId="1" Guid="9624F10D-AFD5-4CC8-8C89-F9C969CDA31D">
|
||||||
<File Id="MODSECURITY_CRS_59_HEADER_TAGGING.CONF_1" Name="modsecurity_crs_59_header_tagging.conf" Source="release\owasp_crs\util\regression_tests\modsecurity_crs_59_header_tagging.conf" />
|
<File Id="REMOVE_2.7_ACTIONS.PL" Name="remove-2.7-actions.pl" Source="release\owasp_crs\util\rule-management\remove-2.7-actions.pl" />
|
||||||
</Component>
|
</Component>
|
||||||
<Component Id="README_3" DiskId="1" Guid="9E5EA2A0-0C43-4031-AE11-0CB3E2EB7122">
|
<Component Id="VERIFY.RB" DiskId="1" Guid="4D4AB297-50DB-411E-8D12-E0205CCB53B4">
|
||||||
<File Id="README_3" Name="README" Source="release\owasp_crs\util\regression_tests\README" />
|
<File Id="VERIFY.RB" Name="verify.rb" Source="release\owasp_crs\util\rule-management\verify.rb" />
|
||||||
</Component>
|
|
||||||
<Component Id="RULESTEST.CONF_1" DiskId="1" Guid="6E651336-9D6C-462F-986F-81BD75789F1F">
|
|
||||||
<File Id="RULESTEST.CONF_1" Name="rulestest.conf" Source="release\owasp_crs\util\regression_tests\rulestest.conf" />
|
|
||||||
</Component>
|
|
||||||
<Component Id="RULESTEST.PL_1" DiskId="1" Guid="860182AF-2E14-4167-8CE1-8380E40A9005">
|
|
||||||
<File Id="RULESTEST.PL_1" Name="rulestest.pl" Source="release\owasp_crs\util\regression_tests\rulestest.pl" />
|
|
||||||
</Component>
|
|
||||||
<Component Id="TESTSERVER.CGI_1" DiskId="1" Guid="F1AFCE7E-E756-4F97-818E-B4DFEC27AEE1">
|
|
||||||
<File Id="TESTSERVER.CGI_1" Name="testserver.cgi" Source="release\owasp_crs\util\regression_tests\testserver.cgi" />
|
|
||||||
</Component>
|
|
||||||
<Directory Id="TESTS_1" Name="tests">
|
|
||||||
<Component Id="MODSECURITY_CRS_20_PROTOCOL_VIOLATIONS.TESTS_1" DiskId="1" Guid="5548A833-8FB3-4B77-9788-F1E172D10FD4">
|
|
||||||
<File Id="MODSECURITY_CRS_20_PROTOCOL_VIOLATIONS.TESTS_1" Name="modsecurity_crs_20_protocol_violations.tests" Source="release\owasp_crs\util\regression_tests\tests\modsecurity_crs_20_protocol_violations.tests" />
|
|
||||||
</Component>
|
|
||||||
<Component Id="MODSECURITY_CRS_21_PROTOCOL_ANOMALIES.TESTS_1" DiskId="1" Guid="13BDAFDF-FBCC-4717-9CB5-211D9216A5A3">
|
|
||||||
<File Id="MODSECURITY_CRS_21_PROTOCOL_ANOMALIES.TESTS_1" Name="modsecurity_crs_21_protocol_anomalies.tests" Source="release\owasp_crs\util\regression_tests\tests\modsecurity_crs_21_protocol_anomalies.tests" />
|
|
||||||
</Component>
|
|
||||||
<Component Id="MODSECURITY_CRS_23_REQUEST_LIMITS.TESTS_1" DiskId="1" Guid="75E810BE-4882-486A-904F-3D1B0CC0BE33">
|
|
||||||
<File Id="MODSECURITY_CRS_23_REQUEST_LIMITS.TESTS_1" Name="modsecurity_crs_23_request_limits.tests" Source="release\owasp_crs\util\regression_tests\tests\modsecurity_crs_23_request_limits.tests" />
|
|
||||||
</Component>
|
|
||||||
<Component Id="MODSECURITY_CRS_30_HTTP_POLICY.TESTS_1" DiskId="1" Guid="AB1C208E-0B9B-4114-B7CE-E4B6E69865BF">
|
|
||||||
<File Id="MODSECURITY_CRS_30_HTTP_POLICY.TESTS_1" Name="modsecurity_crs_30_http_policy.tests" Source="release\owasp_crs\util\regression_tests\tests\modsecurity_crs_30_http_policy.tests" />
|
|
||||||
</Component>
|
|
||||||
<Component Id="MODSECURITY_CRS_35_BAD_ROBOTS.TESTS_1" DiskId="1" Guid="06A4EF00-261D-4434-8627-B279D87FBF27">
|
|
||||||
<File Id="MODSECURITY_CRS_35_BAD_ROBOTS.TESTS_1" Name="modsecurity_crs_35_bad_robots.tests" Source="release\owasp_crs\util\regression_tests\tests\modsecurity_crs_35_bad_robots.tests" />
|
|
||||||
</Component>
|
|
||||||
<Component Id="MODSECURITY_CRS_40_GENERIC_ATTACKS.TESTS_1" DiskId="1" Guid="7D1FD870-0F8F-4E1E-B962-1DA09C35009C">
|
|
||||||
<File Id="MODSECURITY_CRS_40_GENERIC_ATTACKS.TESTS_1" Name="modsecurity_crs_40_generic_attacks.tests" Source="release\owasp_crs\util\regression_tests\tests\modsecurity_crs_40_generic_attacks.tests" />
|
|
||||||
</Component>
|
|
||||||
<Component Id="MODSECURITY_CRS_41_SQL_INJECTION_ATTACKS.TESTS_1" DiskId="1" Guid="7A05F6EB-2454-4DE6-B664-7DBE95E01D82">
|
|
||||||
<File Id="MODSECURITY_CRS_41_SQL_INJECTION_ATTACKS.TESTS_1" Name="modsecurity_crs_41_sql_injection_attacks.tests" Source="release\owasp_crs\util\regression_tests\tests\modsecurity_crs_41_sql_injection_attacks.tests" />
|
|
||||||
</Component>
|
|
||||||
<Component Id="MODSECURITY_CRS_50_OUTBOUND.TESTS_1" DiskId="1" Guid="AAC86BBB-A376-4EAE-B731-31458DD92F5C">
|
|
||||||
<File Id="MODSECURITY_CRS_50_OUTBOUND.TESTS_1" Name="modsecurity_crs_50_outbound.tests" Source="release\owasp_crs\util\regression_tests\tests\modsecurity_crs_50_outbound.tests" />
|
|
||||||
</Component>
|
|
||||||
</Directory>
|
|
||||||
</Directory>
|
|
||||||
<Directory Id="RUNAV_1" Name="runAV">
|
|
||||||
<Component Id="COMMON.C_1" DiskId="1" Guid="4FF636AA-51E1-492B-9695-6CB4E99C075F">
|
|
||||||
<File Id="COMMON.C_1" Name="common.c" Source="release\owasp_crs\util\runAV\common.c" />
|
|
||||||
</Component>
|
|
||||||
<Component Id="COMMON.H_1" DiskId="1" Guid="D057EAE0-9F68-4392-983A-E3E0AB43099B">
|
|
||||||
<File Id="COMMON.H_1" Name="common.h" Source="release\owasp_crs\util\runAV\common.h" />
|
|
||||||
</Component>
|
|
||||||
<Component Id="COMP_1" DiskId="1" Guid="7C76D90E-D269-4A17-A9EF-B65528DE3049">
|
|
||||||
<File Id="COMP_1" Name="comp" Source="release\owasp_crs\util\runAV\comp" />
|
|
||||||
</Component>
|
|
||||||
<Component Id="RUNAV_CLAMD.C_1" DiskId="1" Guid="1324A63D-63F4-419B-B496-1C73CDE888D1">
|
|
||||||
<File Id="RUNAV_CLAMD.C_1" Name="runAV-clamd.c" Source="release\owasp_crs\util\runAV\runAV-clamd.c" />
|
|
||||||
</Component>
|
|
||||||
<Component Id="RUNAV.C_1" DiskId="1" Guid="6E3B0099-5930-4F12-A33F-BA9514C427F0">
|
|
||||||
<File Id="RUNAV.C_1" Name="runAV.c" Source="release\owasp_crs\util\runAV\runAV.c" />
|
|
||||||
</Component>
|
</Component>
|
||||||
</Directory>
|
</Directory>
|
||||||
<Directory Id="VIRTUAL_PATCHING" Name="virtual-patching">
|
<Directory Id="VIRTUAL_PATCHING" Name="virtual-patching">
|
||||||
<Component Id="ARACHNI2MODSEC.PL_1" DiskId="1" Guid="1EAAC68C-65D5-4553-BD95-6B595BC7C519">
|
<Component Id="ARACHNI2MODSEC.PL" DiskId="1" Guid="DDDD3A2B-CEC1-42B3-9984-2987CA5BA311">
|
||||||
<File Id="ARACHNI2MODSEC.PL_1" Name="arachni2modsec.pl" Source="release\owasp_crs\util\virtual-patching\arachni2modsec.pl" />
|
<File Id="ARACHNI2MODSEC.PL" Name="arachni2modsec.pl" Source="release\owasp_crs\util\virtual-patching\arachni2modsec.pl" />
|
||||||
</Component>
|
</Component>
|
||||||
<Component Id="ZAP2MODSEC.PL_1" DiskId="1" Guid="24A2BC8D-8067-439E-93DA-446F6DAE4024">
|
<Component Id="ZAP2MODSEC.PL" DiskId="1" Guid="CADBD60B-235E-4B2D-94D3-7CA2E4E19D9C">
|
||||||
<File Id="ZAP2MODSEC.PL_1" Name="zap2modsec.pl" Source="release\owasp_crs\util\virtual-patching\zap2modsec.pl" />
|
<File Id="ZAP2MODSEC.PL" Name="zap2modsec.pl" Source="release\owasp_crs\util\virtual-patching\zap2modsec.pl" />
|
||||||
</Component>
|
</Component>
|
||||||
</Directory>
|
</Directory>
|
||||||
</Directory>
|
</Directory>
|
||||||
</Directory>
|
</Directory>
|
||||||
</Directory>
|
</Directory>
|
||||||
|
</Directory>
|
||||||
<Directory Id="ProgramMenuFolder">
|
<Directory Id="ProgramMenuFolder">
|
||||||
<Directory Id="ProgramMenuDir" Name="ModSecurity IIS">
|
<Directory Id="ProgramMenuDir" Name="ModSecurity IIS">
|
||||||
<Component Id="StartMenuShortcuts" Guid="43C26B13-C4D8-42F8-8715-3AF78E66C902">
|
<Component Id="StartMenuShortcuts" Guid="43C26B13-C4D8-42F8-8715-3AF78E66C902">
|
||||||
@@ -652,15 +503,24 @@
|
|||||||
</Directory>
|
</Directory>
|
||||||
</Directory>
|
</Directory>
|
||||||
<DirectoryRef Id="INSTALLFOLDER">
|
<DirectoryRef Id="INSTALLFOLDER">
|
||||||
<Component Id="MODSECURITY.XML" DiskId="1" Guid="EC953A29-35AD-44A8-A3D4-875ACCFEC465">
|
|
||||||
<File Id="MODSECURITY.XML" Name="ModSecurity.xml" Source="ModSecurity.xml" />
|
|
||||||
</Component>
|
|
||||||
<Component Id="README.TXT" DiskId="1" Guid="980270DF-81AB-469B-AB0E-64FA3BA160B6">
|
<Component Id="README.TXT" DiskId="1" Guid="980270DF-81AB-469B-AB0E-64FA3BA160B6">
|
||||||
<File Id="README.TXT" Name="README.TXT" Source="wix\README.TXT" />
|
<File Id="README.TXT" Name="README.TXT" Source="wix\README.TXT" />
|
||||||
</Component>
|
</Component>
|
||||||
<Component Id="EULA.RTF" DiskId="1" Guid="980270DF-81AB-469B-AB0E-64FA3BA160B1">
|
<Component Id="EULA.RTF" DiskId="1" Guid="980270DF-81AB-469B-AB0E-64FA3BA160B1">
|
||||||
<File Id="EULA.RTF" Name="EULA.rtf" Source="wix\EULA.rtf" />
|
<File Id="EULA.RTF" Name="EULA.rtf" Source="wix\EULA.rtf" />
|
||||||
</Component>
|
</Component>
|
||||||
|
<Component Id="modsecurity.conf" DiskId="1" Guid="980270DF-81AB-469B-AB0E-64FA3BA163B1">
|
||||||
|
<File Id="modsecurity.conf" Name="modsecurity.conf" Source="wix\modsecurity.conf" />
|
||||||
|
</Component>
|
||||||
|
|
||||||
|
<Component Id="modsecurity_iis.conf" DiskId="1" Guid="980270DF-81AB-469B-AB0E-64FA3BA161B1">
|
||||||
|
<File Id="modsecurity_iis.conf" Name="modsecurity_iis.conf" Source="wix\modsecurity_iis.conf" />
|
||||||
|
</Component>
|
||||||
|
|
||||||
|
<Component Id="modsecurity_crs_10_setup.conf" DiskId="1" Guid="980270DF-81AB-469B-AB0E-64FA3BA166B1">
|
||||||
|
<File Id="modsecurity_crs_10_setup.conf" Name="modsecurity_crs_10_setup.conf" Source="wix\modsecurity_crs_10_setup.conf" />
|
||||||
|
</Component>
|
||||||
|
|
||||||
</DirectoryRef>
|
</DirectoryRef>
|
||||||
<?if $(var.Win64) = "yes" ?>
|
<?if $(var.Win64) = "yes" ?>
|
||||||
<DirectoryRef Id="inetsrv">
|
<DirectoryRef Id="inetsrv">
|
||||||
@@ -695,7 +555,7 @@
|
|||||||
<File Id="ZLIB1.DLL" Name="zlib1.dll" Source="Release\amd64\zlib1.dll" />
|
<File Id="ZLIB1.DLL" Name="zlib1.dll" Source="Release\amd64\zlib1.dll" />
|
||||||
</Component>
|
</Component>
|
||||||
</DirectoryRef>
|
</DirectoryRef>
|
||||||
<?else?>
|
<?else ?>
|
||||||
<DirectoryRef Id="inetsrv">
|
<DirectoryRef Id="inetsrv">
|
||||||
<Component Id="LIBAPR_1.DLL" DiskId="1" Guid="514A81F0-2413-42EF-B19F-E2613125ECE1">
|
<Component Id="LIBAPR_1.DLL" DiskId="1" Guid="514A81F0-2413-42EF-B19F-E2613125ECE1">
|
||||||
<File Id="LIBAPR_1.DLL" Name="libapr-1.dll" Source="Release\x86\libapr-1.dll" />
|
<File Id="LIBAPR_1.DLL" Name="libapr-1.dll" Source="Release\x86\libapr-1.dll" />
|
||||||
@@ -728,9 +588,8 @@
|
|||||||
<File Id="ZLIB1.DLL" Name="zlib1.dll" Source="Release\x86\zlib1.dll" />
|
<File Id="ZLIB1.DLL" Name="zlib1.dll" Source="Release\x86\zlib1.dll" />
|
||||||
</Component>
|
</Component>
|
||||||
</DirectoryRef>
|
</DirectoryRef>
|
||||||
<?endif?>
|
<?endif ?>
|
||||||
<Feature Id="DefaultFeature" Title="Main Feature" Level="1">
|
<Feature Id="DefaultFeature" Title="ModSecurity IIS" Level="1">
|
||||||
<ComponentRef Id="MODSECURITY.XML" />
|
|
||||||
<ComponentRef Id="README.TXT" />
|
<ComponentRef Id="README.TXT" />
|
||||||
<ComponentRef Id="EULA.RTF" />
|
<ComponentRef Id="EULA.RTF" />
|
||||||
<ComponentRef Id="LIBAPR_1.DLL" />
|
<ComponentRef Id="LIBAPR_1.DLL" />
|
||||||
@@ -744,20 +603,25 @@
|
|||||||
<ComponentRef Id="PCRE.DLL" />
|
<ComponentRef Id="PCRE.DLL" />
|
||||||
<ComponentRef Id="ZLIB1.DLL" />
|
<ComponentRef Id="ZLIB1.DLL" />
|
||||||
<ComponentRef Id="StartMenuShortcuts" />
|
<ComponentRef Id="StartMenuShortcuts" />
|
||||||
|
<ComponentRef Id="modsecurity.conf" />
|
||||||
|
<ComponentRef Id="modsecurity_iis.conf" />
|
||||||
|
<ComponentRef Id="modsecurity_crs_10_setup.conf" />
|
||||||
|
|
||||||
|
<Feature Id="OWASP_ModSecurity_CRS_v2.2.8" Level="1" Title="OWASP ModSecurity CRS v2.2.8">
|
||||||
<ComponentRef Id="_.GITIGNORE" />
|
<ComponentRef Id="_.GITIGNORE" />
|
||||||
<ComponentRef Id="CHANGELOG" />
|
<ComponentRef Id="CHANGES" />
|
||||||
<ComponentRef Id="ID_RANGE" />
|
|
||||||
<ComponentRef Id="INSTALL" />
|
<ComponentRef Id="INSTALL" />
|
||||||
<ComponentRef Id="LICENSE" />
|
<ComponentRef Id="LICENSE" />
|
||||||
<ComponentRef Id="MODSECURITY.CONF" />
|
|
||||||
<ComponentRef Id="MODSECURITY_CRS_10_SETUP.CONF" />
|
|
||||||
<ComponentRef Id="MODSECURITY_CRS_10_SETUP.CONF.EXAMPLE" />
|
<ComponentRef Id="MODSECURITY_CRS_10_SETUP.CONF.EXAMPLE" />
|
||||||
<ComponentRef Id="MODSECURITY_IIS.CONF" />
|
|
||||||
<ComponentRef Id="README.MD" />
|
<ComponentRef Id="README.MD" />
|
||||||
|
<ComponentRef Id="README" />
|
||||||
<ComponentRef Id="MODSECURITY_35_BAD_ROBOTS.DATA" />
|
<ComponentRef Id="MODSECURITY_35_BAD_ROBOTS.DATA" />
|
||||||
<ComponentRef Id="MODSECURITY_35_SCANNERS.DATA" />
|
<ComponentRef Id="MODSECURITY_35_SCANNERS.DATA" />
|
||||||
<ComponentRef Id="MODSECURITY_40_GENERIC_ATTACKS.DATA" />
|
<ComponentRef Id="MODSECURITY_40_GENERIC_ATTACKS.DATA" />
|
||||||
<ComponentRef Id="MODSECURITY_41_SQL_INJECTION_ATTACKS.DATA" />
|
<ComponentRef Id="MODSECURITY_50_OUTBOUND.DATA" />
|
||||||
|
<ComponentRef Id="MODSECURITY_50_OUTBOUND_MALWARE.DATA" />
|
||||||
|
<ComponentRef Id="MODSECURITY_CRS_20_PROTOCOL_VIOLATIONS.CONF" />
|
||||||
|
<ComponentRef Id="MODSECURITY_CRS_21_PROTOCOL_ANOMALIES.CONF" />
|
||||||
<ComponentRef Id="MODSECURITY_CRS_23_REQUEST_LIMITS.CONF" />
|
<ComponentRef Id="MODSECURITY_CRS_23_REQUEST_LIMITS.CONF" />
|
||||||
<ComponentRef Id="MODSECURITY_CRS_30_HTTP_POLICY.CONF" />
|
<ComponentRef Id="MODSECURITY_CRS_30_HTTP_POLICY.CONF" />
|
||||||
<ComponentRef Id="MODSECURITY_CRS_35_BAD_ROBOTS.CONF" />
|
<ComponentRef Id="MODSECURITY_CRS_35_BAD_ROBOTS.CONF" />
|
||||||
@@ -767,24 +631,6 @@
|
|||||||
<ComponentRef Id="MODSECURITY_CRS_42_TIGHT_SECURITY.CONF" />
|
<ComponentRef Id="MODSECURITY_CRS_42_TIGHT_SECURITY.CONF" />
|
||||||
<ComponentRef Id="MODSECURITY_CRS_45_TROJANS.CONF" />
|
<ComponentRef Id="MODSECURITY_CRS_45_TROJANS.CONF" />
|
||||||
<ComponentRef Id="MODSECURITY_CRS_47_COMMON_EXCEPTIONS.CONF" />
|
<ComponentRef Id="MODSECURITY_CRS_47_COMMON_EXCEPTIONS.CONF" />
|
||||||
<ComponentRef Id="README" />
|
|
||||||
<ComponentRef Id="MODSECURITY_35_BAD_ROBOTS.DATA_1" />
|
|
||||||
<ComponentRef Id="MODSECURITY_35_SCANNERS.DATA_1" />
|
|
||||||
<ComponentRef Id="MODSECURITY_40_GENERIC_ATTACKS.DATA_1" />
|
|
||||||
<ComponentRef Id="MODSECURITY_41_SQL_INJECTION_ATTACKS.DATA_1" />
|
|
||||||
<ComponentRef Id="MODSECURITY_50_OUTBOUND.DATA" />
|
|
||||||
<ComponentRef Id="MODSECURITY_50_OUTBOUND_MALWARE.DATA" />
|
|
||||||
<ComponentRef Id="MODSECURITY_CRS_20_PROTOCOL_VIOLATIONS.CONF" />
|
|
||||||
<ComponentRef Id="MODSECURITY_CRS_21_PROTOCOL_ANOMALIES.CONF" />
|
|
||||||
<ComponentRef Id="MODSECURITY_CRS_23_REQUEST_LIMITS.CONF_1" />
|
|
||||||
<ComponentRef Id="MODSECURITY_CRS_30_HTTP_POLICY.CONF_1" />
|
|
||||||
<ComponentRef Id="MODSECURITY_CRS_35_BAD_ROBOTS.CONF_1" />
|
|
||||||
<ComponentRef Id="MODSECURITY_CRS_40_GENERIC_ATTACKS.CONF_1" />
|
|
||||||
<ComponentRef Id="MODSECURITY_CRS_41_SQL_INJECTION_ATTACKS.CONF_1" />
|
|
||||||
<ComponentRef Id="MODSECURITY_CRS_41_XSS_ATTACKS.CONF_1" />
|
|
||||||
<ComponentRef Id="MODSECURITY_CRS_42_TIGHT_SECURITY.CONF_1" />
|
|
||||||
<ComponentRef Id="MODSECURITY_CRS_45_TROJANS.CONF_1" />
|
|
||||||
<ComponentRef Id="MODSECURITY_CRS_47_COMMON_EXCEPTIONS.CONF_1" />
|
|
||||||
<ComponentRef Id="MODSECURITY_CRS_48_LOCAL_EXCEPTIONS.CONF.EXAMPLE" />
|
<ComponentRef Id="MODSECURITY_CRS_48_LOCAL_EXCEPTIONS.CONF.EXAMPLE" />
|
||||||
<ComponentRef Id="MODSECURITY_CRS_49_INBOUND_BLOCKING.CONF" />
|
<ComponentRef Id="MODSECURITY_CRS_49_INBOUND_BLOCKING.CONF" />
|
||||||
<ComponentRef Id="MODSECURITY_CRS_50_OUTBOUND.CONF" />
|
<ComponentRef Id="MODSECURITY_CRS_50_OUTBOUND.CONF" />
|
||||||
@@ -801,9 +647,7 @@
|
|||||||
<ComponentRef Id="MODSECURITY_CRS_40_APPSENSOR_DETECTION_POINT_2.9_HONEYTRAP.CONF" />
|
<ComponentRef Id="MODSECURITY_CRS_40_APPSENSOR_DETECTION_POINT_2.9_HONEYTRAP.CONF" />
|
||||||
<ComponentRef Id="MODSECURITY_CRS_40_APPSENSOR_DETECTION_POINT_3.0_END.CONF" />
|
<ComponentRef Id="MODSECURITY_CRS_40_APPSENSOR_DETECTION_POINT_3.0_END.CONF" />
|
||||||
<ComponentRef Id="MODSECURITY_CRS_40_HTTP_PARAMETER_POLLUTION.CONF" />
|
<ComponentRef Id="MODSECURITY_CRS_40_HTTP_PARAMETER_POLLUTION.CONF" />
|
||||||
<ComponentRef Id="MODSECURITY_CRS_41_ADVANCED_FILTERS.CONF" />
|
|
||||||
<ComponentRef Id="MODSECURITY_CRS_42_CSP_ENFORCEMENT.CONF" />
|
<ComponentRef Id="MODSECURITY_CRS_42_CSP_ENFORCEMENT.CONF" />
|
||||||
<ComponentRef Id="MODSECURITY_CRS_45_CHAR_ANOMALY.CONF" />
|
|
||||||
<ComponentRef Id="MODSECURITY_CRS_46_SCANNER_INTEGRATION.CONF" />
|
<ComponentRef Id="MODSECURITY_CRS_46_SCANNER_INTEGRATION.CONF" />
|
||||||
<ComponentRef Id="MODSECURITY_CRS_48_BAYES_ANALYSIS.CONF" />
|
<ComponentRef Id="MODSECURITY_CRS_48_BAYES_ANALYSIS.CONF" />
|
||||||
<ComponentRef Id="MODSECURITY_CRS_55_RESPONSE_PROFILING.CONF" />
|
<ComponentRef Id="MODSECURITY_CRS_55_RESPONSE_PROFILING.CONF" />
|
||||||
@@ -848,14 +692,8 @@
|
|||||||
<ComponentRef Id="MODSECURITY_CRS_46_SLR_ET_SQLI_ATTACKS.CONF" />
|
<ComponentRef Id="MODSECURITY_CRS_46_SLR_ET_SQLI_ATTACKS.CONF" />
|
||||||
<ComponentRef Id="MODSECURITY_CRS_46_SLR_ET_WORDPRESS_ATTACKS.CONF" />
|
<ComponentRef Id="MODSECURITY_CRS_46_SLR_ET_WORDPRESS_ATTACKS.CONF" />
|
||||||
<ComponentRef Id="MODSECURITY_CRS_46_SLR_ET_XSS_ATTACKS.CONF" />
|
<ComponentRef Id="MODSECURITY_CRS_46_SLR_ET_XSS_ATTACKS.CONF" />
|
||||||
<ComponentRef Id="ARACHNI2MODSEC.PL" />
|
|
||||||
<ComponentRef Id="README_1" />
|
<ComponentRef Id="README_1" />
|
||||||
<ComponentRef Id="RULES_UPDATER_EXAMPLE.CONF" />
|
|
||||||
<ComponentRef Id="RULES_UPDATER.PL" />
|
|
||||||
<ComponentRef Id="RULES_UPDATER.PL.IN" />
|
|
||||||
<ComponentRef Id="RUNAV.PL" />
|
<ComponentRef Id="RUNAV.PL" />
|
||||||
<ComponentRef Id="ZAP2MODSEC.PL" />
|
|
||||||
<ComponentRef Id="RUNAV.PL_1" />
|
|
||||||
<ComponentRef Id="COMMON.C" />
|
<ComponentRef Id="COMMON.C" />
|
||||||
<ComponentRef Id="COMMON.H" />
|
<ComponentRef Id="COMMON.H" />
|
||||||
<ComponentRef Id="COMP" />
|
<ComponentRef Id="COMP" />
|
||||||
@@ -865,9 +703,6 @@
|
|||||||
<ComponentRef Id="MLOGC_HONEYPOT_SENSOR.CONF" />
|
<ComponentRef Id="MLOGC_HONEYPOT_SENSOR.CONF" />
|
||||||
<ComponentRef Id="MODSECURITY_CRS_10_HONEYPOT.CONF" />
|
<ComponentRef Id="MODSECURITY_CRS_10_HONEYPOT.CONF" />
|
||||||
<ComponentRef Id="README.MD_1" />
|
<ComponentRef Id="README.MD_1" />
|
||||||
<ComponentRef Id="MLOGC_HONEYPOT_SENSOR.CONF_1" />
|
|
||||||
<ComponentRef Id="MODSECURITY_CRS_10_HONEYPOT.CONF_1" />
|
|
||||||
<ComponentRef Id="README.MD_2" />
|
|
||||||
<ComponentRef Id="INSTALL_1" />
|
<ComponentRef Id="INSTALL_1" />
|
||||||
<ComponentRef Id="MODSECURITY_CRS_59_HEADER_TAGGING.CONF" />
|
<ComponentRef Id="MODSECURITY_CRS_59_HEADER_TAGGING.CONF" />
|
||||||
<ComponentRef Id="README_2" />
|
<ComponentRef Id="README_2" />
|
||||||
@@ -884,44 +719,32 @@
|
|||||||
<ComponentRef Id="MODSECURITY_CRS_41_XSS_ATTACKS.TESTS" />
|
<ComponentRef Id="MODSECURITY_CRS_41_XSS_ATTACKS.TESTS" />
|
||||||
<ComponentRef Id="MODSECURITY_CRS_50_OUTBOUND.TESTS" />
|
<ComponentRef Id="MODSECURITY_CRS_50_OUTBOUND.TESTS" />
|
||||||
<ComponentRef Id="RUBY.TESTS" />
|
<ComponentRef Id="RUBY.TESTS" />
|
||||||
<ComponentRef Id="INSTALL_2" />
|
<ComponentRef Id="ID_RANGE" />
|
||||||
<ComponentRef Id="MODSECURITY_CRS_59_HEADER_TAGGING.CONF_1" />
|
<ComponentRef Id="REMOVE_2.7_ACTIONS.PL" />
|
||||||
<ComponentRef Id="README_3" />
|
<ComponentRef Id="VERIFY.RB" />
|
||||||
<ComponentRef Id="RULESTEST.CONF_1" />
|
<ComponentRef Id="ARACHNI2MODSEC.PL" />
|
||||||
<ComponentRef Id="RULESTEST.PL_1" />
|
<ComponentRef Id="ZAP2MODSEC.PL" />
|
||||||
<ComponentRef Id="TESTSERVER.CGI_1" />
|
|
||||||
<ComponentRef Id="MODSECURITY_CRS_20_PROTOCOL_VIOLATIONS.TESTS_1" />
|
|
||||||
<ComponentRef Id="MODSECURITY_CRS_21_PROTOCOL_ANOMALIES.TESTS_1" />
|
|
||||||
<ComponentRef Id="MODSECURITY_CRS_23_REQUEST_LIMITS.TESTS_1" />
|
|
||||||
<ComponentRef Id="MODSECURITY_CRS_30_HTTP_POLICY.TESTS_1" />
|
|
||||||
<ComponentRef Id="MODSECURITY_CRS_35_BAD_ROBOTS.TESTS_1" />
|
|
||||||
<ComponentRef Id="MODSECURITY_CRS_40_GENERIC_ATTACKS.TESTS_1" />
|
|
||||||
<ComponentRef Id="MODSECURITY_CRS_41_SQL_INJECTION_ATTACKS.TESTS_1" />
|
|
||||||
<ComponentRef Id="MODSECURITY_CRS_50_OUTBOUND.TESTS_1" />
|
|
||||||
<ComponentRef Id="COMMON.C_1" />
|
|
||||||
<ComponentRef Id="COMMON.H_1" />
|
|
||||||
<ComponentRef Id="COMP_1" />
|
|
||||||
<ComponentRef Id="RUNAV_CLAMD.C_1" />
|
|
||||||
<ComponentRef Id="RUNAV.C_1" />
|
|
||||||
<ComponentRef Id="ARACHNI2MODSEC.PL_1" />
|
|
||||||
<ComponentRef Id="ZAP2MODSEC.PL_1" />
|
|
||||||
</Feature>
|
</Feature>
|
||||||
<UIRef Id="WixUI_Minimal" />
|
</Feature>
|
||||||
|
<UIRef Id="WixUI_Mondo" />
|
||||||
<WixVariable Id="WixUILicenseRtf" Value="wix\EULA.rtf" />
|
<WixVariable Id="WixUILicenseRtf" Value="wix\EULA.rtf" />
|
||||||
<WixVariable Id="WixUIBannerBmp" Value="wix\banner.jpg" />
|
<WixVariable Id="WixUIBannerBmp" Value="wix\banner.jpg" />
|
||||||
<WixVariable Id="WixUIDialogBmp" Value="wix\dialog.jpg" />
|
<WixVariable Id="WixUIDialogBmp" Value="wix\dialog.jpg" />
|
||||||
|
|
||||||
<InstallExecuteSequence>
|
<InstallExecuteSequence>
|
||||||
<Custom Action="InstallModule" Before="InstallFinalize"><![CDATA[NOT Installed]]></Custom>
|
<Custom Action="InstallModule" Before="InstallFinalize"><![CDATA[NOT Installed]]></Custom>
|
||||||
<Custom Action="UninstallModule" Before="RemoveFiles"><![CDATA[Installed]]></Custom>
|
<Custom Action="InstallConf" After="InstallModule"><![CDATA[NOT Installed]]></Custom>
|
||||||
|
<Custom Action="UninstallConf" Before="RemoveFiles"><![CDATA[Installed]]></Custom>
|
||||||
|
<Custom Action="UninstallModule" After="UninstallConf"><![CDATA[Installed]]></Custom>
|
||||||
</InstallExecuteSequence>
|
</InstallExecuteSequence>
|
||||||
|
|
||||||
<CustomAction Id="InstallModule" Execute="deferred" Impersonate="no" Return="check" Directory="INSTALLFOLDER" ExeCommand=""[SystemFolder]inetsrv\appcmd.exe" install module /name:"ModSecurity IIS" /image:"[SystemFolder]inetsrv\ModSecurityIIS.dll"" />
|
<CustomAction Id="InstallModule" Execute="deferred" Impersonate="no" Return="check" Directory="INSTALLFOLDER" ExeCommand=""[SystemFolder]inetsrv\appcmd.exe" install module /name:"ModSecurity IIS" /image:"[SystemFolder]inetsrv\ModSecurityIIS.dll"" />
|
||||||
|
|
||||||
|
<CustomAction Id="InstallConf" Execute="deferred" Impersonate="no" Return="check" Directory="INSTALLFOLDER" ExeCommand=""[SystemFolder]inetsrv\appcmd.exe" set config /section:"system.webServer/ModSecurity" /"enabled:true" /"configFile:[INSTALLFOLDER]modsecurity_iis.conf"" />
|
||||||
|
|
||||||
<CustomAction Id="UninstallModule" Execute="deferred" Impersonate="no" Return="check" Directory="INSTALLFOLDER" ExeCommand=""[SystemFolder]inetsrv\appcmd.exe" uninstall module /module.name:"ModSecurity IIS"" />
|
<CustomAction Id="UninstallModule" Execute="deferred" Impersonate="no" Return="check" Directory="INSTALLFOLDER" ExeCommand=""[SystemFolder]inetsrv\appcmd.exe" uninstall module /module.name:"ModSecurity IIS"" />
|
||||||
|
|
||||||
|
<CustomAction Id="UninstallConf" Execute="deferred" Impersonate="no" Return="check" Directory="INSTALLFOLDER" ExeCommand=""[SystemFolder]inetsrv\appcmd.exe" clear config -section:"system.webServer/ModSecurity"" />
|
||||||
|
|
||||||
<UI>
|
<UI>
|
||||||
</UI>
|
</UI>
|
||||||
</Product>
|
</Product>
|
||||||
</Wix>
|
</Wix>
|
||||||
|
|
||||||
|
|||||||
214
iis/wix/modsecurity.conf
Normal file
214
iis/wix/modsecurity.conf
Normal file
@@ -0,0 +1,214 @@
|
|||||||
|
# based on modsecurity.conf-recommended
|
||||||
|
# -- Rule engine initialization ----------------------------------------------
|
||||||
|
|
||||||
|
# Enable ModSecurity, attaching it to every transaction. Use detection
|
||||||
|
# only to start with, because that minimises the chances of post-installation
|
||||||
|
# disruption.
|
||||||
|
#
|
||||||
|
SecRuleEngine DetectionOnly
|
||||||
|
|
||||||
|
|
||||||
|
# -- Request body handling ---------------------------------------------------
|
||||||
|
|
||||||
|
# Allow ModSecurity to access request bodies. If you don't, ModSecurity
|
||||||
|
# won't be able to see any POST parameters, which opens a large security
|
||||||
|
# hole for attackers to exploit.
|
||||||
|
#
|
||||||
|
SecRequestBodyAccess On
|
||||||
|
|
||||||
|
|
||||||
|
# Enable XML request body parser.
|
||||||
|
# Initiate XML Processor in case of xml content-type
|
||||||
|
#
|
||||||
|
SecRule REQUEST_HEADERS:Content-Type "text/xml" \
|
||||||
|
"id:'200000',phase:1,t:none,t:lowercase,pass,nolog,ctl:requestBodyProcessor=XML"
|
||||||
|
|
||||||
|
|
||||||
|
# Maximum request body size we will accept for buffering. If you support
|
||||||
|
# file uploads then the value given on the first line has to be as large
|
||||||
|
# as the largest file you are willing to accept. The second value refers
|
||||||
|
# to the size of data, with files excluded. You want to keep that value as
|
||||||
|
# low as practical.
|
||||||
|
#
|
||||||
|
SecRequestBodyLimit 13107200
|
||||||
|
SecRequestBodyNoFilesLimit 131072
|
||||||
|
|
||||||
|
# Store up to 128 KB of request body data in memory. When the multipart
|
||||||
|
# parser reachers this limit, it will start using your hard disk for
|
||||||
|
# storage. That is slow, but unavoidable.
|
||||||
|
#
|
||||||
|
SecRequestBodyInMemoryLimit 131072
|
||||||
|
|
||||||
|
# What do do if the request body size is above our configured limit.
|
||||||
|
# Keep in mind that this setting will automatically be set to ProcessPartial
|
||||||
|
# when SecRuleEngine is set to DetectionOnly mode in order to minimize
|
||||||
|
# disruptions when initially deploying ModSecurity.
|
||||||
|
#
|
||||||
|
SecRequestBodyLimitAction Reject
|
||||||
|
|
||||||
|
# Verify that we've correctly processed the request body.
|
||||||
|
# As a rule of thumb, when failing to process a request body
|
||||||
|
# you should reject the request (when deployed in blocking mode)
|
||||||
|
# or log a high-severity alert (when deployed in detection-only mode).
|
||||||
|
#
|
||||||
|
SecRule REQBODY_ERROR "!@eq 0" \
|
||||||
|
"id:'200001', phase:2,t:none,log,deny,status:400,msg:'Failed to parse request body.',logdata:'%{reqbody_error_msg}',severity:2"
|
||||||
|
|
||||||
|
# By default be strict with what we accept in the multipart/form-data
|
||||||
|
# request body. If the rule below proves to be too strict for your
|
||||||
|
# environment consider changing it to detection-only. You are encouraged
|
||||||
|
# _not_ to remove it altogether.
|
||||||
|
#
|
||||||
|
SecRule MULTIPART_STRICT_ERROR "!@eq 0" \
|
||||||
|
"id:'200002',phase:2,t:none,log,deny,status:44, \
|
||||||
|
msg:'Multipart request body failed strict validation: \
|
||||||
|
PE %{REQBODY_PROCESSOR_ERROR}, \
|
||||||
|
BQ %{MULTIPART_BOUNDARY_QUOTED}, \
|
||||||
|
BW %{MULTIPART_BOUNDARY_WHITESPACE}, \
|
||||||
|
DB %{MULTIPART_DATA_BEFORE}, \
|
||||||
|
DA %{MULTIPART_DATA_AFTER}, \
|
||||||
|
HF %{MULTIPART_HEADER_FOLDING}, \
|
||||||
|
LF %{MULTIPART_LF_LINE}, \
|
||||||
|
SM %{MULTIPART_MISSING_SEMICOLON}, \
|
||||||
|
IQ %{MULTIPART_INVALID_QUOTING}, \
|
||||||
|
IP %{MULTIPART_INVALID_PART}, \
|
||||||
|
IH %{MULTIPART_INVALID_HEADER_FOLDING}, \
|
||||||
|
FL %{MULTIPART_FILE_LIMIT_EXCEEDED}'"
|
||||||
|
|
||||||
|
# Did we see anything that might be a boundary?
|
||||||
|
#
|
||||||
|
SecRule MULTIPART_UNMATCHED_BOUNDARY "!@eq 0" \
|
||||||
|
"id:'200003',phase:2,t:none,log,deny,status:44,msg:'Multipart parser detected a possible unmatched boundary.'"
|
||||||
|
|
||||||
|
# PCRE Tuning
|
||||||
|
# We want to avoid a potential RegEx DoS condition
|
||||||
|
#
|
||||||
|
SecPcreMatchLimit 1000
|
||||||
|
SecPcreMatchLimitRecursion 1000
|
||||||
|
|
||||||
|
# Some internal errors will set flags in TX and we will need to look for these.
|
||||||
|
# All of these are prefixed with "MSC_". The following flags currently exist:
|
||||||
|
#
|
||||||
|
# MSC_PCRE_LIMITS_EXCEEDED: PCRE match limits were exceeded.
|
||||||
|
#
|
||||||
|
SecRule TX:/^MSC_/ "!@streq 0" \
|
||||||
|
"id:'200004',phase:2,t:none,deny,msg:'ModSecurity internal error flagged: %{MATCHED_VAR_NAME}'"
|
||||||
|
|
||||||
|
|
||||||
|
# -- Response body handling --------------------------------------------------
|
||||||
|
|
||||||
|
# Allow ModSecurity to access response bodies.
|
||||||
|
# You should have this directive enabled in order to identify errors
|
||||||
|
# and data leakage issues.
|
||||||
|
#
|
||||||
|
# Do keep in mind that enabling this directive does increases both
|
||||||
|
# memory consumption and response latency.
|
||||||
|
#
|
||||||
|
#SecResponseBodyAccess On
|
||||||
|
|
||||||
|
# Which response MIME types do you want to inspect? You should adjust the
|
||||||
|
# configuration below to catch documents but avoid static files
|
||||||
|
# (e.g., images and archives).
|
||||||
|
#
|
||||||
|
SecResponseBodyMimeType text/plain text/html text/xml
|
||||||
|
|
||||||
|
# Buffer response bodies of up to 512 KB in length.
|
||||||
|
SecResponseBodyLimit 524288
|
||||||
|
|
||||||
|
# What happens when we encounter a response body larger than the configured
|
||||||
|
# limit? By default, we process what we have and let the rest through.
|
||||||
|
# That's somewhat less secure, but does not break any legitimate pages.
|
||||||
|
#
|
||||||
|
SecResponseBodyLimitAction ProcessPartial
|
||||||
|
|
||||||
|
|
||||||
|
# -- Filesystem configuration ------------------------------------------------
|
||||||
|
|
||||||
|
# The location where ModSecurity stores temporary files (for example, when
|
||||||
|
# it needs to handle a file upload that is larger than the configured limit).
|
||||||
|
#
|
||||||
|
# This default setting is chosen due to all systems have /tmp available however,
|
||||||
|
# this is less than ideal. It is recommended that you specify a location that's private.
|
||||||
|
#
|
||||||
|
SecTmpDir c:\inetpub\temp\
|
||||||
|
|
||||||
|
# The location where ModSecurity will keep its persistent data. This default setting
|
||||||
|
# is chosen due to all systems have /tmp available however, it
|
||||||
|
# too should be updated to a place that other users can't access.
|
||||||
|
#
|
||||||
|
SecDataDir c:\inetpub\temp\
|
||||||
|
|
||||||
|
|
||||||
|
# -- File uploads handling configuration -------------------------------------
|
||||||
|
|
||||||
|
# The location where ModSecurity stores intercepted uploaded files. This
|
||||||
|
# location must be private to ModSecurity. You don't want other users on
|
||||||
|
# the server to access the files, do you?
|
||||||
|
#
|
||||||
|
#SecUploadDir /opt/modsecurity/var/upload/
|
||||||
|
|
||||||
|
# By default, only keep the files that were determined to be unusual
|
||||||
|
# in some way (by an external inspection script). For this to work you
|
||||||
|
# will also need at least one file inspection rule.
|
||||||
|
#
|
||||||
|
#SecUploadKeepFiles RelevantOnly
|
||||||
|
|
||||||
|
# Uploaded files are by default created with permissions that do not allow
|
||||||
|
# any other user to access them. You may need to relax that if you want to
|
||||||
|
# interface ModSecurity to an external program (e.g., an anti-virus).
|
||||||
|
#
|
||||||
|
#SecUploadFileMode 0600
|
||||||
|
|
||||||
|
|
||||||
|
# -- Debug log configuration -------------------------------------------------
|
||||||
|
|
||||||
|
# The default debug log configuration is to duplicate the error, warning
|
||||||
|
# and notice messages from the error log.
|
||||||
|
#
|
||||||
|
#SecDebugLog /opt/modsecurity/var/log/debug.log
|
||||||
|
#SecDebugLogLevel 3
|
||||||
|
|
||||||
|
|
||||||
|
# -- Audit log configuration -------------------------------------------------
|
||||||
|
|
||||||
|
# Log the transactions that are marked by a rule, as well as those that
|
||||||
|
# trigger a server error (determined by a 5xx or 4xx, excluding 404,
|
||||||
|
# level response status codes).
|
||||||
|
#
|
||||||
|
#SecAuditEngine RelevantOnly
|
||||||
|
#SecAuditLogRelevantStatus "^(?:5|4(?!04))"
|
||||||
|
|
||||||
|
# Log everything we know about a transaction.
|
||||||
|
#SecAuditLogParts ABIJDEFHZ
|
||||||
|
|
||||||
|
# Use a single file for logging. This is much easier to look at, but
|
||||||
|
# assumes that you will use the audit log only ocassionally.
|
||||||
|
#
|
||||||
|
#SecAuditLogType Serial
|
||||||
|
#SecAuditLog c:\inetpub\log\modsec_audit.log
|
||||||
|
|
||||||
|
# Specify the path for concurrent audit logging.
|
||||||
|
#SecAuditLogStorageDir c:\inetpub\log\
|
||||||
|
|
||||||
|
|
||||||
|
# -- Miscellaneous -----------------------------------------------------------
|
||||||
|
|
||||||
|
# Use the most commonly used application/x-www-form-urlencoded parameter
|
||||||
|
# separator. There's probably only one application somewhere that uses
|
||||||
|
# something else so don't expect to change this value.
|
||||||
|
#
|
||||||
|
SecArgumentSeparator &
|
||||||
|
|
||||||
|
# Settle on version 0 (zero) cookies, as that is what most applications
|
||||||
|
# use. Using an incorrect cookie version may open your installation to
|
||||||
|
# evasion attacks (against the rules that examine named cookies).
|
||||||
|
#
|
||||||
|
SecCookieFormat 0
|
||||||
|
|
||||||
|
# Specify your Unicode Code Point.
|
||||||
|
# This mapping is used by the t:urlDecodeUni transformation function
|
||||||
|
# to properly map encoded data to your language. Properly setting
|
||||||
|
# these directives helps to reduce false positives and negatives.
|
||||||
|
#
|
||||||
|
#SecUnicodeCodePage 20127
|
||||||
|
#SecUnicodeMapFile unicode.mapping
|
||||||
428
iis/wix/modsecurity_crs_10_setup.conf
Normal file
428
iis/wix/modsecurity_crs_10_setup.conf
Normal file
@@ -0,0 +1,428 @@
|
|||||||
|
# ---------------------------------------------------------------
|
||||||
|
# Core ModSecurity Rule Set ver.2.2.6
|
||||||
|
# Copyright (C) 2006-2012 Trustwave All rights reserved.
|
||||||
|
#
|
||||||
|
# The OWASP ModSecurity Core Rule Set is distributed under
|
||||||
|
# Apache Software License (ASL) version 2
|
||||||
|
# Please see the enclosed LICENCE file for full details.
|
||||||
|
# ---------------------------------------------------------------
|
||||||
|
|
||||||
|
|
||||||
|
#
|
||||||
|
# -- [[ Recommended Base Configuration ]] -------------------------------------------------
|
||||||
|
#
|
||||||
|
# The configuration directives/settings in this file are used to control
|
||||||
|
# the OWASP ModSecurity CRS. These settings do **NOT** configure the main
|
||||||
|
# ModSecurity settings such as:
|
||||||
|
#
|
||||||
|
# - SecRuleEngine
|
||||||
|
# - SecRequestBodyAccess
|
||||||
|
# - SecAuditEngine
|
||||||
|
# - SecDebugLog
|
||||||
|
#
|
||||||
|
# You should use the modsecurity.conf-recommended file that comes with the
|
||||||
|
# ModSecurity source code archive.
|
||||||
|
#
|
||||||
|
# Ref: http://mod-security.svn.sourceforge.net/viewvc/mod-security/m2/trunk/modsecurity.conf-recommended
|
||||||
|
#
|
||||||
|
|
||||||
|
|
||||||
|
#
|
||||||
|
# -- [[ Rule Version ]] -------------------------------------------------------------------
|
||||||
|
#
|
||||||
|
# Rule version data is added to the "Producer" line of Section H of the Audit log:
|
||||||
|
#
|
||||||
|
# - Producer: ModSecurity for Apache/2.7.0-rc1 (http://www.modsecurity.org/); OWASP_CRS/2.2.4.
|
||||||
|
#
|
||||||
|
# Ref: https://sourceforge.net/apps/mediawiki/mod-security/index.php?title=Reference_Manual#SecComponentSignature
|
||||||
|
#
|
||||||
|
SecComponentSignature "OWASP_CRS/2.2.6"
|
||||||
|
|
||||||
|
|
||||||
|
#
|
||||||
|
# -- [[ Modes of Operation: Self-Contained vs. Collaborative Detection ]] -----------------
|
||||||
|
#
|
||||||
|
# Each detection rule uses the "block" action which will inherit the SecDefaultAction
|
||||||
|
# specified below. Your settings here will determine which mode of operation you use.
|
||||||
|
#
|
||||||
|
# -- [[ Self-Contained Mode ]] --
|
||||||
|
# Rules inherit the "deny" disruptive action. The first rule that matches will block.
|
||||||
|
#
|
||||||
|
# -- [[ Collaborative Detection Mode ]] --
|
||||||
|
# This is a "delayed blocking" mode of operation where each matching rule will inherit
|
||||||
|
# the "pass" action and will only contribute to anomaly scores. Transactional blocking
|
||||||
|
# can be applied
|
||||||
|
#
|
||||||
|
# -- [[ Alert Logging Control ]] --
|
||||||
|
# You have three options -
|
||||||
|
#
|
||||||
|
# - To log to both the Apache error_log and ModSecurity audit_log file use: "log"
|
||||||
|
# - To log *only* to the ModSecurity audit_log file use: "nolog,auditlog"
|
||||||
|
# - To log *only* to the Apache error_log file use: "log,noauditlog"
|
||||||
|
#
|
||||||
|
# Ref: http://blog.spiderlabs.com/2010/11/advanced-topic-of-the-week-traditional-vs-anomaly-scoring-detection-modes.html
|
||||||
|
# Ref: https://sourceforge.net/apps/mediawiki/mod-security/index.php?title=Reference_Manual#SecDefaultAction
|
||||||
|
#
|
||||||
|
SecDefaultAction "phase:1,deny,log"
|
||||||
|
|
||||||
|
|
||||||
|
#
|
||||||
|
# -- [[ Collaborative Detection Severity Levels ]] ----------------------------------------
|
||||||
|
#
|
||||||
|
# These are the default scoring points for each severity level. You may
|
||||||
|
# adjust these to you liking. These settings will be used in macro expansion
|
||||||
|
# in the rules to increment the anomaly scores when rules match.
|
||||||
|
#
|
||||||
|
# These are the default Severity ratings (with anomaly scores) of the individual rules -
|
||||||
|
#
|
||||||
|
# - 2: Critical - Anomaly Score of 5.
|
||||||
|
# Is the highest severity level possible without correlation. It is
|
||||||
|
# normally generated by the web attack rules (40 level files).
|
||||||
|
# - 3: Error - Anomaly Score of 4.
|
||||||
|
# Is generated mostly from outbound leakage rules (50 level files).
|
||||||
|
# - 4: Warning - Anomaly Score of 3.
|
||||||
|
# Is generated by malicious client rules (35 level files).
|
||||||
|
# - 5: Notice - Anomaly Score of 2.
|
||||||
|
# Is generated by the Protocol policy and anomaly files.
|
||||||
|
#
|
||||||
|
SecAction \
|
||||||
|
"id:'900001', \
|
||||||
|
phase:1, \
|
||||||
|
t:none, \
|
||||||
|
setvar:tx.critical_anomaly_score=5, \
|
||||||
|
setvar:tx.error_anomaly_score=4, \
|
||||||
|
setvar:tx.warning_anomaly_score=3, \
|
||||||
|
setvar:tx.notice_anomaly_score=2, \
|
||||||
|
nolog, \
|
||||||
|
pass"
|
||||||
|
|
||||||
|
|
||||||
|
#
|
||||||
|
# -- [[ Collaborative Detection Scoring Threshold Levels ]] ------------------------------
|
||||||
|
#
|
||||||
|
# These variables are used in macro expansion in the 49 inbound blocking and 59
|
||||||
|
# outbound blocking files.
|
||||||
|
#
|
||||||
|
# **MUST HAVE** ModSecurity v2.5.12 or higher to use macro expansion in numeric
|
||||||
|
# operators. If you have an earlier version, edit the 49/59 files directly to
|
||||||
|
# set the appropriate anomaly score levels.
|
||||||
|
#
|
||||||
|
# You should set the score to the proper threshold you would prefer. If set to "5"
|
||||||
|
# it will work similarly to previous Mod CRS rules and will create an event in the error_log
|
||||||
|
# file if there are any rules that match. If you would like to lessen the number of events
|
||||||
|
# generated in the error_log file, you should increase the anomaly score threshold to
|
||||||
|
# something like "20". This would only generate an event in the error_log file if
|
||||||
|
# there are multiple lower severity rule matches or if any 1 higher severity item matches.
|
||||||
|
#
|
||||||
|
SecAction \
|
||||||
|
"id:'900002', \
|
||||||
|
phase:1, \
|
||||||
|
t:none, \
|
||||||
|
setvar:tx.inbound_anomaly_score_level=5, \
|
||||||
|
nolog, \
|
||||||
|
pass"
|
||||||
|
|
||||||
|
|
||||||
|
SecAction \
|
||||||
|
"id:'900003', \
|
||||||
|
phase:1, \
|
||||||
|
t:none, \
|
||||||
|
setvar:tx.outbound_anomaly_score_level=4, \
|
||||||
|
nolog, \
|
||||||
|
pass"
|
||||||
|
|
||||||
|
|
||||||
|
#
|
||||||
|
# -- [[ Collaborative Detection Blocking ]] -----------------------------------------------
|
||||||
|
#
|
||||||
|
# This is a collaborative detection mode where each rule will increment an overall
|
||||||
|
# anomaly score for the transaction. The scores are then evaluated in the following files:
|
||||||
|
#
|
||||||
|
# Inbound anomaly score - checked in the modsecurity_crs_49_inbound_blocking.conf file
|
||||||
|
# Outbound anomaly score - checked in the modsecurity_crs_59_outbound_blocking.conf file
|
||||||
|
#
|
||||||
|
# If you want to use anomaly scoring mode, then uncomment this line.
|
||||||
|
#
|
||||||
|
#SecAction \
|
||||||
|
"id:'900004', \
|
||||||
|
phase:1, \
|
||||||
|
t:none, \
|
||||||
|
setvar:tx.anomaly_score_blocking=on, \
|
||||||
|
nolog, \
|
||||||
|
pass"
|
||||||
|
|
||||||
|
|
||||||
|
#
|
||||||
|
# -- [[ GeoIP Database ]] -----------------------------------------------------------------
|
||||||
|
#
|
||||||
|
# There are some rulesets that need to inspect the GEO data of the REMOTE_ADDR data.
|
||||||
|
#
|
||||||
|
# You must first download the MaxMind GeoIP Lite City DB -
|
||||||
|
#
|
||||||
|
# http://geolite.maxmind.com/download/geoip/database/GeoLiteCity.dat.gz
|
||||||
|
#
|
||||||
|
# You then need to define the proper path for the SecGeoLookupDb directive
|
||||||
|
#
|
||||||
|
# Ref: http://blog.spiderlabs.com/2010/10/detecting-malice-with-modsecurity-geolocation-data.html
|
||||||
|
# Ref: http://blog.spiderlabs.com/2010/11/detecting-malice-with-modsecurity-ip-forensics.html
|
||||||
|
#
|
||||||
|
#SecGeoLookupDb /opt/modsecurity/lib/GeoLiteCity.dat
|
||||||
|
|
||||||
|
#
|
||||||
|
# -- [[ Regression Testing Mode ]] --------------------------------------------------------
|
||||||
|
#
|
||||||
|
# If you are going to run the regression testing mode, you should uncomment the
|
||||||
|
# following rule. It will enable DetectionOnly mode for the SecRuleEngine and
|
||||||
|
# will enable Response Header tagging so that the client testing script can see
|
||||||
|
# which rule IDs have matched.
|
||||||
|
#
|
||||||
|
# You must specify the your source IP address where you will be running the tests
|
||||||
|
# from.
|
||||||
|
#
|
||||||
|
#SecRule REMOTE_ADDR "@ipMatch 192.168.1.100" \
|
||||||
|
"id:'900005', \
|
||||||
|
phase:1, \
|
||||||
|
t:none, \
|
||||||
|
ctl:ruleEngine=DetectionOnly, \
|
||||||
|
setvar:tx.regression_testing=1, \
|
||||||
|
nolog, \
|
||||||
|
pass"
|
||||||
|
|
||||||
|
|
||||||
|
#
|
||||||
|
# -- [[ HTTP Policy Settings ]] ----------------------------------------------------------
|
||||||
|
#
|
||||||
|
# Set the following policy settings here and they will be propagated to the 23 rules
|
||||||
|
# file (modsecurity_common_23_request_limits.conf) by using macro expansion.
|
||||||
|
# If you run into false positives, you can adjust the settings here.
|
||||||
|
#
|
||||||
|
# Only the max number of args is uncommented by default as there are a high rate
|
||||||
|
# of false positives. Uncomment the items you wish to set.
|
||||||
|
#
|
||||||
|
#
|
||||||
|
# -- Maximum number of arguments in request limited
|
||||||
|
SecAction \
|
||||||
|
"id:'900006', \
|
||||||
|
phase:1, \
|
||||||
|
t:none, \
|
||||||
|
setvar:tx.max_num_args=255, \
|
||||||
|
nolog, \
|
||||||
|
pass"
|
||||||
|
|
||||||
|
#
|
||||||
|
# -- Limit argument name length
|
||||||
|
#SecAction \
|
||||||
|
"id:'900007', \
|
||||||
|
phase:1, \
|
||||||
|
t:none, \
|
||||||
|
setvar:tx.arg_name_length=100, \
|
||||||
|
nolog, \
|
||||||
|
pass"
|
||||||
|
|
||||||
|
#
|
||||||
|
# -- Limit value name length
|
||||||
|
#SecAction \
|
||||||
|
"id:'900008', \
|
||||||
|
phase:1, \
|
||||||
|
t:none, \
|
||||||
|
setvar:tx.arg_length=400, \
|
||||||
|
nolog, \
|
||||||
|
pass"
|
||||||
|
|
||||||
|
#
|
||||||
|
# -- Limit arguments total length
|
||||||
|
#SecAction \
|
||||||
|
"id:'900009', \
|
||||||
|
phase:1, \
|
||||||
|
t:none, \
|
||||||
|
setvar:tx.total_arg_length=64000, \
|
||||||
|
nolog, \
|
||||||
|
pass"
|
||||||
|
|
||||||
|
#
|
||||||
|
# -- Individual file size is limited
|
||||||
|
#SecAction \
|
||||||
|
"id:'900010', \
|
||||||
|
phase:1, \
|
||||||
|
t:none, \
|
||||||
|
setvar:tx.max_file_size=1048576, \
|
||||||
|
nolog, \
|
||||||
|
pass"
|
||||||
|
|
||||||
|
#
|
||||||
|
# -- Combined file size is limited
|
||||||
|
#SecAction \
|
||||||
|
"id:'900011', \
|
||||||
|
phase:1, \
|
||||||
|
t:none, \
|
||||||
|
setvar:tx.combined_file_sizes=1048576, \
|
||||||
|
nolog, \
|
||||||
|
pass"
|
||||||
|
|
||||||
|
|
||||||
|
#
|
||||||
|
# Set the following policy settings here and they will be propagated to the 30 rules
|
||||||
|
# file (modsecurity_crs_30_http_policy.conf) by using macro expansion.
|
||||||
|
# If you run into false positves, you can adjust the settings here.
|
||||||
|
#
|
||||||
|
SecAction \
|
||||||
|
"id:'900012', \
|
||||||
|
phase:1, \
|
||||||
|
t:none, \
|
||||||
|
setvar:'tx.allowed_methods=GET HEAD POST OPTIONS', \
|
||||||
|
setvar:'tx.allowed_request_content_type=application/x-www-form-urlencoded|multipart/form-data|text/xml|application/xml|application/x-amf|application/json', \
|
||||||
|
setvar:'tx.allowed_http_versions=HTTP/0.9 HTTP/1.0 HTTP/1.1', \
|
||||||
|
setvar:'tx.restricted_extensions=.asa/ .asax/ .ascx/ .axd/ .backup/ .bak/ .bat/ .cdx/ .cer/ .cfg/ .cmd/ .com/ .config/ .conf/ .cs/ .csproj/ .csr/ .dat/ .db/ .dbf/ .dll/ .dos/ .htr/ .htw/ .ida/ .idc/ .idq/ .inc/ .ini/ .key/ .licx/ .lnk/ .log/ .mdb/ .old/ .pass/ .pdb/ .pol/ .printer/ .pwd/ .resources/ .resx/ .sql/ .sys/ .vb/ .vbs/ .vbproj/ .vsdisco/ .webinfo/ .xsd/ .xsx/', \
|
||||||
|
setvar:'tx.restricted_headers=/Proxy-Connection/ /Lock-Token/ /Content-Range/ /Translate/ /via/ /if/', \
|
||||||
|
nolog, \
|
||||||
|
pass"
|
||||||
|
|
||||||
|
|
||||||
|
#
|
||||||
|
# -- [[ Content Security Policy (CSP) Settings ]] -----------------------------------------
|
||||||
|
#
|
||||||
|
# The purpose of these settings is to send CSP response headers to
|
||||||
|
# Mozilla FireFox users so that you can enforce how dynamic content
|
||||||
|
# is used. CSP usage helps to prevent XSS attacks against your users.
|
||||||
|
#
|
||||||
|
# Reference Link:
|
||||||
|
#
|
||||||
|
# https://developer.mozilla.org/en/Security/CSP
|
||||||
|
#
|
||||||
|
# Uncomment this SecAction line if you want use CSP enforcement.
|
||||||
|
# You need to set the appropriate directives and settings for your site/domain and
|
||||||
|
# and activate the CSP file in the experimental_rules directory.
|
||||||
|
#
|
||||||
|
# Ref: http://blog.spiderlabs.com/2011/04/modsecurity-advanced-topic-of-the-week-integrating-content-security-policy-csp.html
|
||||||
|
#
|
||||||
|
#SecAction \
|
||||||
|
"id:'900013', \
|
||||||
|
phase:1, \
|
||||||
|
t:none, \
|
||||||
|
setvar:tx.csp_report_only=1, \
|
||||||
|
setvar:tx.csp_report_uri=/csp_violation_report, \
|
||||||
|
setenv:'csp_policy=allow \'self\'; img-src *.yoursite.com; media-src *.yoursite.com; style-src *.yoursite.com; frame-ancestors *.yoursite.com; script-src *.yoursite.com; report-uri %{tx.csp_report_uri}', \
|
||||||
|
nolog, \
|
||||||
|
pass"
|
||||||
|
|
||||||
|
|
||||||
|
#
|
||||||
|
# -- [[ Brute Force Protection ]] ---------------------------------------------------------
|
||||||
|
#
|
||||||
|
# If you are using the Brute Force Protection rule set, then uncomment the following
|
||||||
|
# lines and set the following variables:
|
||||||
|
# - Protected URLs: resources to protect (e.g. login pages) - set to your login page
|
||||||
|
# - Burst Time Slice Interval: time interval window to monitor for bursts
|
||||||
|
# - Request Threshold: request # threshold to trigger a burst
|
||||||
|
# - Block Period: temporary block timeout
|
||||||
|
#
|
||||||
|
#SecAction \
|
||||||
|
"id:'900014', \
|
||||||
|
phase:1, \
|
||||||
|
t:none, \
|
||||||
|
setvar:'tx.brute_force_protected_urls=/login.jsp /partner_login.php', \
|
||||||
|
setvar:'tx.brute_force_burst_time_slice=60', \
|
||||||
|
setvar:'tx.brute_force_counter_threshold=10', \
|
||||||
|
setvar:'tx.brute_force_block_timeout=300', \
|
||||||
|
nolog, \
|
||||||
|
pass"
|
||||||
|
|
||||||
|
|
||||||
|
#
|
||||||
|
# -- [[ DoS Protection ]] ----------------------------------------------------------------
|
||||||
|
#
|
||||||
|
# If you are using the DoS Protection rule set, then uncomment the following
|
||||||
|
# lines and set the following variables:
|
||||||
|
# - Burst Time Slice Interval: time interval window to monitor for bursts
|
||||||
|
# - Request Threshold: request # threshold to trigger a burst
|
||||||
|
# - Block Period: temporary block timeout
|
||||||
|
#
|
||||||
|
#SecAction \
|
||||||
|
"id:'900015', \
|
||||||
|
phase:1, \
|
||||||
|
t:none, \
|
||||||
|
setvar:'tx.dos_burst_time_slice=60', \
|
||||||
|
setvar:'tx.dos_counter_threshold=100', \
|
||||||
|
setvar:'tx.dos_block_timeout=600', \
|
||||||
|
nolog, \
|
||||||
|
pass"
|
||||||
|
|
||||||
|
|
||||||
|
#
|
||||||
|
# -- [[ Check UTF enconding ]] -----------------------------------------------------------
|
||||||
|
#
|
||||||
|
# We only want to apply this check if UTF-8 encoding is actually used by the site, otherwise
|
||||||
|
# it will result in false positives.
|
||||||
|
#
|
||||||
|
# Uncomment this line if your site uses UTF8 encoding
|
||||||
|
#SecAction \
|
||||||
|
"id:'900016', \
|
||||||
|
phase:1, \
|
||||||
|
t:none, \
|
||||||
|
setvar:tx.crs_validate_utf8_encoding=1, \
|
||||||
|
nolog, \
|
||||||
|
pass"
|
||||||
|
|
||||||
|
|
||||||
|
#
|
||||||
|
# -- [[ Enable XML Body Parsing ]] -------------------------------------------------------
|
||||||
|
#
|
||||||
|
# The rules in this file will trigger the XML parser upon an XML request
|
||||||
|
#
|
||||||
|
# Initiate XML Processor in case of xml content-type
|
||||||
|
#
|
||||||
|
SecRule REQUEST_HEADERS:Content-Type "text/xml" \
|
||||||
|
"id:'900017', \
|
||||||
|
phase:1, \
|
||||||
|
t:none,t:lowercase, \
|
||||||
|
nolog, \
|
||||||
|
pass, \
|
||||||
|
chain"
|
||||||
|
SecRule REQBODY_PROCESSOR "!@streq XML" \
|
||||||
|
"ctl:requestBodyProcessor=XML"
|
||||||
|
|
||||||
|
|
||||||
|
#
|
||||||
|
# -- [[ Global and IP Collections ]] -----------------------------------------------------
|
||||||
|
#
|
||||||
|
# Create both Global and IP collections for rules to use
|
||||||
|
# There are some CRS rules that assume that these two collections
|
||||||
|
# have already been initiated.
|
||||||
|
#
|
||||||
|
SecRule REQUEST_HEADERS:User-Agent "^(.*)$" \
|
||||||
|
"id:'900018', \
|
||||||
|
phase:1, \
|
||||||
|
t:none,t:sha1,t:hexEncode, \
|
||||||
|
setvar:tx.ua_hash=%{matched_var}, \
|
||||||
|
nolog, \
|
||||||
|
pass"
|
||||||
|
|
||||||
|
|
||||||
|
SecRule REQUEST_HEADERS:x-forwarded-for "^\b(\d{1,3}\.\d{1,3}\.\d{1,3}\.\d{1,3})\b" \
|
||||||
|
"id:'900019', \
|
||||||
|
phase:1, \
|
||||||
|
t:none, \
|
||||||
|
capture, \
|
||||||
|
setvar:tx.real_ip=%{tx.1}, \
|
||||||
|
nolog, \
|
||||||
|
pass"
|
||||||
|
|
||||||
|
|
||||||
|
SecRule &TX:REAL_IP "!@eq 0" \
|
||||||
|
"id:'900020', \
|
||||||
|
phase:1, \
|
||||||
|
t:none, \
|
||||||
|
initcol:global=global, \
|
||||||
|
initcol:ip=%{tx.real_ip}_%{tx.ua_hash}, \
|
||||||
|
nolog, \
|
||||||
|
pass"
|
||||||
|
|
||||||
|
|
||||||
|
SecRule &TX:REAL_IP "@eq 0" \
|
||||||
|
"id:'900021', \
|
||||||
|
phase:1, \
|
||||||
|
t:none, \
|
||||||
|
initcol:global=global, \
|
||||||
|
initcol:ip=%{remote_addr}_%{tx.ua_hash}, \
|
||||||
|
nolog, \
|
||||||
|
pass"
|
||||||
3
iis/wix/modsecurity_iis.conf
Normal file
3
iis/wix/modsecurity_iis.conf
Normal file
@@ -0,0 +1,3 @@
|
|||||||
|
Include modsecurity.conf
|
||||||
|
Include modsecurity_crs_10_setup.conf
|
||||||
|
Include owasp_crs\activated_rules\*.conf
|
||||||
Reference in New Issue
Block a user