Adds support to load remote resources to pmFromFile and ipMatchFromFile

Initially those directives were only able to load content from a local file. This commit extends this functionality allowing the user to provide an HTTP URI that can be downloaded and loaded by ModSecurity. Initially the download is associated with a server restart. For next versions we expect to load such resources as it become outdated (Without need to resetart the server).
2025-09-29 19:24:29 +03:00 · 2014-08-28 17:15:26 -07:00
parent 81bde0842d
commit 899ee0c365
5 changed files with 355 additions and 54 deletions
--- a/tests/regression/misc/30-pmfromfile.t
+++ b/tests/regression/misc/30-pmfromfile.t
@@ -0,0 +1,29 @@
+### pmfromfile external resource
+
+{
+	type => "misc",
+	comment => "pmfromfile",
+	conf => qq(
+		SecRuleEngine On
+		SecDebugLog $ENV{DEBUG_LOG}
+		SecDebugLogLevel 9
+                SecRequestBodyAccess On
+		SecRule REQUEST_FILENAME "\@pmFromFile http://modsec.zimmerle.org/ip_reputation.txt?code=123" "id:'123',phase:2,log,pass,t:none"
+	),
+	match_log => {
+		error => [ qr/ModSecurity: Warning. Matched phrase \"127.0.0.1\" at REQUEST_FILENAME./, 1],
+		debug => [ qr/Matched phrase \"127.0.0.1\" at REQUEST_FILENAME/, 1 ],
+	},
+	match_response => {
+		status => qr/^404$/,
+	},
+	request => new HTTP::Request(
+		POST => "http://$ENV{SERVER_NAME}:$ENV{SERVER_PORT}/127.0.0.1.html",
+		[
+			"Content-Type" => "application/x-www-form-urlencoded",
+		],
+		#  Args
+		"some_variable=-1' and 1=1 union/* foo */select load_file('/etc/passwd')--"
+	),
+},
+