diff --git a/tests/regression/action/10-logging.t b/tests/regression/action/10-logging.t
index d460ab01..b7e80610 100644
--- a/tests/regression/action/10-logging.t
+++ b/tests/regression/action/10-logging.t
@@ -37,7 +37,7 @@
SecAction "phase:1,pass,nolog,id:500007"
),
match_log => {
- -error => [ qr/ModSecurity: /, 1 ],
+ -error => [ qr/500007/, 1 ],
-audit => [ qr/./, 1 ],
},
match_response => {
@@ -85,7 +85,7 @@
SecAction "phase:1,deny,status:403,nolog,id:500009"
),
match_log => {
- -error => [ qr/ModSecurity: /, 1 ],
+ -error => [ qr/500009/, 1 ],
-audit => [ qr/./, 1 ],
},
match_response => {
@@ -274,7 +274,7 @@
SecAction "phase:1,pass,nolog,noauditlog,id:500017"
),
match_log => {
- -error => [ qr/ModSecurity: /, 1 ],
+ -error => [ qr/500017/, 1 ],
-audit => [ qr/./, 1 ],
},
match_response => {
@@ -320,7 +320,7 @@
SecAction "phase:1,pass,auditlog,nolog,id:500019"
),
match_log => {
- -error => [ qr/ModSecurity: /, 1 ],
+ -error => [ qr/500019/, 1 ],
-audit => [ qr/./, 1 ],
},
match_response => {
@@ -366,7 +366,7 @@
SecAction "phase:1,pass,noauditlog,nolog,id:500021"
),
match_log => {
- -error => [ qr/ModSecurity: /, 1 ],
+ -error => [ qr/500021/, 1 ],
-audit => [ qr/./, 1 ],
},
match_response => {
@@ -460,7 +460,7 @@
SecAction "phase:1,deny,status:403,nolog,noauditlog,id:500025"
),
match_log => {
- -error => [ qr/ModSecurity: /, 1 ],
+ -error => [ qr/500025/, 1 ],
-audit => [ qr/./, 1 ],
},
match_response => {
@@ -506,7 +506,7 @@
SecAction "phase:1,deny,status:403,auditlog,nolog,id:500027"
),
match_log => {
- -error => [ qr/ModSecurity: /, 1 ],
+ -error => [ qr/500027/, 1 ],
-audit => [ qr/./, 1 ],
},
match_response => {
@@ -552,7 +552,7 @@
SecAction "phase:1,deny,status:403,noauditlog,nolog,id:500029"
),
match_log => {
- -error => [ qr/ModSecurity: /, 1 ],
+ -error => [ qr/500029/, 1 ],
-audit => [ qr/./, 1 ],
},
match_response => {
diff --git a/tests/regression/config/10-misc-directives.t b/tests/regression/config/10-misc-directives.t
index 65db99ee..593d00f5 100644
--- a/tests/regression/config/10-misc-directives.t
+++ b/tests/regression/config/10-misc-directives.t
@@ -13,7 +13,7 @@
conf => qq(
SecRuleEngine on
SecDefaultAction "phase:1,deny,status:500"
- SecRule REQUEST_URI "test.txt,id:500240"
+ SecRule REQUEST_URI "test.txt" "id:500241"
),
match_log => {
error => [ qr/ModSecurity: Access denied with code 500 \(phase 1\)/, 1 ],
diff --git a/tests/regression/config/10-request-directives.t b/tests/regression/config/10-request-directives.t
index 75f15cf2..8b125136 100644
--- a/tests/regression/config/10-request-directives.t
+++ b/tests/regression/config/10-request-directives.t
@@ -8,7 +8,7 @@
SecRuleEngine On
SecArgumentSeparator ";"
SecRule ARGS:a "@streq 1" "phase:1,deny,chain,id:500215"
- SecRule ARGS:b "@streq 2,id:500216"
+ SecRule ARGS:b "@streq 2" ""
),
match_log => {
error => [ qr/Access denied with code 403 \(phase 1\)\. String match "2" at ARGS:b\./, 1 ],
@@ -26,7 +26,7 @@
conf => q(
SecRuleEngine On
SecRule ARGS:a "@streq 1" "phase:1,deny,chain,id:500217"
- SecRule ARGS:b "@streq 2,id:500218"
+ SecRule ARGS:b "@streq 2" ""
),
match_log => {
-error => [ qr/Access denied/, 1 ],
@@ -46,7 +46,7 @@
SecRequestBodyAccess On
SecArgumentSeparator ";"
SecRule ARGS:a "@streq 1" "phase:2,deny,chain,id:500219"
- SecRule ARGS:b "@streq 2,id:500220"
+ SecRule ARGS:b "@streq 2" ""
),
match_log => {
error => [ qr/Access denied with code 403 \(phase 2\)\. String match "2" at ARGS:b\./, 1 ],
@@ -94,7 +94,7 @@
SecRuleEngine On
SecRequestBodyAccess On
SecRule ARGS:a "\@streq 1" "phase:2,deny,chain,id:500223"
- SecRule ARGS:b "\@streq 2,id:500224"
+ SecRule ARGS:b "\@streq 2" ""
),
match_log => {
error => [ qr/Access denied with code 403 \(phase 2\)\. String match "2" at ARGS:b\./, 1 ],
@@ -500,8 +500,8 @@
SecDebugLogLevel 5
SecCookieFormat 1
SecRule REQUEST_COOKIES_NAMES "\@streq SESSIONID" "phase:1,deny,chain,id:500231"
- SecRule REQUEST_COOKIES:\$SESSIONID_PATH "\@streq /" "chain,id:500232"
- SecRule REQUEST_COOKIES:SESSIONID "\@streq cookieval,id:500233"
+ SecRule REQUEST_COOKIES:\$SESSIONID_PATH "\@streq /" "chain"
+ SecRule REQUEST_COOKIES:SESSIONID "\@streq cookieval"
),
match_log => {
error => [ qr/Access denied with code 403 \(phase 1\)\. String match "cookieval" at REQUEST_COOKIES:SESSIONID\./, 1 ],
@@ -527,8 +527,8 @@
SecDebugLogLevel 5
SecCookieFormat 0
SecRule REQUEST_COOKIES_NAMES "\@streq SESSIONID" "phase:1,deny,chain,id:500234"
- SecRule REQUEST_COOKIES:\$SESSIONID_PATH "\@streq /" "chain,id:500235"
- SecRule REQUEST_COOKIES:SESSIONID "\@streq cookieval,id:500236"
+ SecRule REQUEST_COOKIES:\$SESSIONID_PATH "\@streq /" "chain"
+ SecRule REQUEST_COOKIES:SESSIONID "\@streq cookieval"
),
match_log => {
-error => [ qr/Access denied/, 1 ],
diff --git a/tests/regression/misc/00-multipart-parser.t b/tests/regression/misc/00-multipart-parser.t
index 2a181e6c..de39bf08 100644
--- a/tests/regression/misc/00-multipart-parser.t
+++ b/tests/regression/misc/00-multipart-parser.t
@@ -267,9 +267,7 @@
SecAuditEngine RelevantOnly
),
match_log => {
- audit => [ qr/Final boundary missing/, 1 ],
debug => [ qr/Final boundary missing/, 1 ],
-
},
match_response => {
status => qr/^200$/,
diff --git a/tests/regression/misc/10-tfn-cache.t b/tests/regression/misc/10-tfn-cache.t
index e3a5a5c3..0920a9e9 100644
--- a/tests/regression/misc/10-tfn-cache.t
+++ b/tests/regression/misc/10-tfn-cache.t
@@ -126,8 +126,8 @@
# This should see cached versions of *both* ARGS_GET
SecRule ARGS:test "queryval" "phase:2,t:none,t:removeWhiteSpace,t:lowercase,deny,chain,id:500046"
- SecRule ARGS:test "firstval" "t:none,t:removeWhiteSpace,t:lowercase,chain,id:500047"
- SecRule ARGS:test "secondval" "t:none,t:removeWhiteSpace,t:lowercase,id:500017"
+ SecRule ARGS:test "firstval" "t:none,t:removeWhiteSpace,t:lowercase,chain"
+ SecRule ARGS:test "secondval" "t:none,t:removeWhiteSpace,t:lowercase"
),
match_log => {
debug => [ qr/removeWhiteSpace,lowercase: "queryval" .*removeWhiteSpace,lowercase: "firstval" .*cached.*removeWhiteSpace,lowercase: "secondval" .*cached/s, 1 ],
diff --git a/tests/regression/rule/00-basics.t b/tests/regression/rule/00-basics.t
index f6854a71..36a7b09a 100644
--- a/tests/regression/rule/00-basics.t
+++ b/tests/regression/rule/00-basics.t
@@ -11,7 +11,7 @@
SecAction "nolog,id:500001"
),
match_log => {
- -error => [ qr/ModSecurity: /, 1 ],
+ -error => [ qr/500001/, 1 ],
-audit => [ qr/./, 1 ],
debug => [ qr/Warning\. Unconditional match in SecAction\./, 1 ],
},
@@ -32,11 +32,11 @@
SecDebugLog $ENV{DEBUG_LOG}
SecDebugLogLevel 5
SecDefaultAction "phase:2,deny,status:403"
- SecRule ARGS:test "value,id:500032"
+ SecRule ARGS:test "value" "id:500032"
),
match_log => {
- error => [ qr/ModSecurity: /, 1 ],
- debug => [ qr/Rule [0-9a-f]+: SecRule "ARGS:test" "\@rx value" "phase:2,deny,status:403"$/m, 1 ],
+ error => [ qr/500032/, 1 ],
+ debug => [ qr/Rule [0-9a-f]+: SecRule "ARGS:test" "\@rx value" "phase:2,deny,status:403,id:500032"$/m, 1 ],
},
match_response => {
status => qr/^403$/,
@@ -57,7 +57,7 @@
),
match_log => {
error => [ qr/ModSecurity: /, 1 ],
- debug => [ qr/Rule [0-9a-f]+: SecRule "ARGS:test" "\@rx value" "phase:2,deny,status:403"$/m, 1 ],
+ debug => [ qr/Rule [0-9a-f]+: SecRule "ARGS:test" "\@rx value" "phase:2,deny,status:403,id:500033"$/m, 1 ],
},
match_response => {
status => qr/^403$/,
@@ -75,12 +75,12 @@
SecDebugLogLevel 5
SecDefaultAction "phase:2,log,noauditlog,pass,tag:foo"
SecRule ARGS:test "value" "chain,phase:2,deny,status:403,id:500034"
- SecRule &ARGS "\@eq 1" "chain,setenv:tx.foo=bar,id:500035"
- SecRule REQUEST_METHOD "\@streq GET,id:500036"
+ SecRule &ARGS "\@eq 1" "chain,setenv:tx.foo=bar"
+ SecRule REQUEST_METHOD "\@streq GET"
),
match_log => {
error => [ qr/ModSecurity: /, 1 ],
- debug => [ qr/Rule [0-9a-f]+: SecRule "ARGS:test" "\@rx value" "phase:2,log,noauditlog,tag:foo,chain,deny,status:403"\r?\n.*Rule [0-9a-f]+: SecRule "&ARGS" "\@eq 1" "chain,setenv:tx.foo=bar"\r?\n.*Rule [0-9a-f]+: SecRule "REQUEST_METHOD" "\@streq GET"\r?\n/s, 1 ],
+ debug => [ qr/Rule [0-9a-f]+: SecRule "ARGS:test" "\@rx value" "phase:2,log,noauditlog,tag:foo,chain,deny,status:403,id:500034"\r?\n.*Rule [0-9a-f]+: SecRule "&ARGS" "\@eq 1" "chain,setenv:tx.foo=bar"\r?\n.*Rule [0-9a-f]+: SecRule "REQUEST_METHOD" "\@streq GET"\r?\n/s, 1 ],
},
match_response => {
status => qr/^403$/,
diff --git a/tests/regression/rule/10-xml.t b/tests/regression/rule/10-xml.t
index 2671b58b..ea9d6ad9 100644
--- a/tests/regression/rule/10-xml.t
+++ b/tests/regression/rule/10-xml.t
@@ -8,6 +8,7 @@
conf => qq(
SecRuleEngine On
SecRequestBodyAccess On
+ SecXmlExternalEntity On
SecDebugLog $ENV{DEBUG_LOG}
SecDebugLogLevel 9
SecRule REQUEST_HEADERS:Content-Type "^text/xml\$" "id:500005, \\
@@ -55,6 +56,7 @@
conf => qq(
SecRuleEngine On
SecRequestBodyAccess On
+ SecXmlExternalEntity On
SecDebugLog $ENV{DEBUG_LOG}
SecDebugLogLevel 9
SecAuditEngine RelevantOnly
@@ -104,6 +106,7 @@
conf => qq(
SecRuleEngine On
SecRequestBodyAccess On
+ SecXmlExternalEntity On
SecDebugLog $ENV{DEBUG_LOG}
SecDebugLogLevel 9
SecAuditEngine RelevantOnly
@@ -154,6 +157,7 @@
conf => qq(
SecRuleEngine On
SecRequestBodyAccess On
+ SecXmlExternalEntity On
SecDebugLog $ENV{DEBUG_LOG}
SecDebugLogLevel 9
SecAuditEngine RelevantOnly
@@ -204,6 +208,7 @@
conf => qq(
SecRuleEngine On
SecRequestBodyAccess On
+ SecXmlExternalEntity On
SecDebugLog $ENV{DEBUG_LOG}
SecDebugLogLevel 9
SecAuditEngine RelevantOnly
@@ -254,6 +259,7 @@
conf => qq(
SecRuleEngine On
SecRequestBodyAccess On
+ SecXmlExternalEntity On
SecDebugLog $ENV{DEBUG_LOG}
SecDebugLogLevel 9
SecRule REQUEST_HEADERS:Content-Type "^text/xml\$" "id:500020, \\
@@ -297,6 +303,7 @@
conf => qq(
SecRuleEngine On
SecRequestBodyAccess On
+ SecXmlExternalEntity On
SecDebugLog $ENV{DEBUG_LOG}
SecDebugLogLevel 9
SecRule REQUEST_HEADERS:Content-Type "^text/xml\$" "id:500023, \\
@@ -340,6 +347,7 @@
conf => qq(
SecRuleEngine On
SecRequestBodyAccess On
+ SecXmlExternalEntity On
SecDebugLog $ENV{DEBUG_LOG}
SecDebugLogLevel 9
SecRule REQUEST_HEADERS:Content-Type "^text/xml\$" "id:500026, \\
@@ -383,6 +391,7 @@
conf => qq(
SecRuleEngine On
SecRequestBodyAccess On
+ SecXmlExternalEntity On
SecDebugLog $ENV{DEBUG_LOG}
SecDebugLogLevel 9
SecRule REQUEST_HEADERS:Content-Type "^text/xml\$" "id:500029, \\
diff --git a/tests/regression/rule/20-exceptions.t b/tests/regression/rule/20-exceptions.t
index 6bdb44c3..675a6408 100644
--- a/tests/regression/rule/20-exceptions.t
+++ b/tests/regression/rule/20-exceptions.t
@@ -8,11 +8,11 @@
SecRuleEngine On
SecDebugLog $ENV{DEBUG_LOG}
SecDebugLogLevel 9
- SecRule REQUEST_URI "test" "phase:1,deny,status:500,id:1"
- SecRuleRemoveById 1
+ SecRule REQUEST_URI "test" "phase:1,deny,status:500,id:101010"
+ SecRuleRemoveById 101010
),
match_log => {
- -error => [ qr/ModSecurity: /, 1 ],
+ -error => [ qr/101010/, 1 ],
-audit => [ qr/./, 1 ],
debug => [ qr/Starting phase REQUEST_HEADERS\..*This phase consists of 0 rule.*Starting phase RESPONSE_HEADERS\./s, 1 ],
-debug => [ qr/Access denied/, 1 ],
@@ -31,13 +31,13 @@
SecRuleEngine On
SecDebugLog $ENV{DEBUG_LOG}
SecDebugLogLevel 9
- SecRule REQUEST_URI "test" "phase:1,deny,status:500,id:1"
- SecRule REQUEST_URI "test" "phase:1,deny,status:500,id:2"
- SecRule REQUEST_URI "test" "phase:1,deny,status:500,id:3"
- SecRuleRemoveById 1 2 3
+ SecRule REQUEST_URI "test" "phase:1,deny,status:500,id:101010"
+ SecRule REQUEST_URI "test" "phase:1,deny,status:500,id:202020"
+ SecRule REQUEST_URI "test" "phase:1,deny,status:500,id:303030"
+ SecRuleRemoveById 101010 202020 303030
),
match_log => {
- -error => [ qr/ModSecurity: /, 1 ],
+ -error => [ qr/101010|202020|303030/, 1 ],
-audit => [ qr/./, 1 ],
debug => [ qr/Starting phase REQUEST_HEADERS\..*This phase consists of 0 rule.*Starting phase RESPONSE_HEADERS\./s, 1 ],
-debug => [ qr/Access denied/, 1 ],
@@ -56,13 +56,13 @@
SecRuleEngine On
SecDebugLog $ENV{DEBUG_LOG}
SecDebugLogLevel 9
- SecRule REQUEST_URI "test" "phase:1,deny,status:500,id:1"
- SecRule REQUEST_URI "test" "phase:1,deny,status:500,id:2"
- SecRule REQUEST_URI "test" "phase:1,deny,status:500,id:3"
- SecRuleRemoveById 1-3
+ SecRule REQUEST_URI "test" "phase:1,deny,status:500,id:101010"
+ SecRule REQUEST_URI "test" "phase:1,deny,status:500,id:202020"
+ SecRule REQUEST_URI "test" "phase:1,deny,status:500,id:303030"
+ SecRuleRemoveById 101010-303030
),
match_log => {
- -error => [ qr/ModSecurity: /, 1 ],
+ -error => [ qr/101010|202020|303030/, 1 ],
-audit => [ qr/./, 1 ],
debug => [ qr/Starting phase REQUEST_HEADERS\..*This phase consists of 0 rule.*Starting phase RESPONSE_HEADERS\./s, 1 ],
-debug => [ qr/Access denied/, 1 ],
@@ -81,14 +81,14 @@
SecRuleEngine On
SecDebugLog $ENV{DEBUG_LOG}
SecDebugLogLevel 9
- SecRule REQUEST_URI "test" "phase:1,deny,status:500,id:1"
- SecRule REQUEST_URI "test" "phase:1,deny,status:500,id:2"
- SecRule REQUEST_URI "test" "phase:1,deny,status:500,id:3"
- SecRule REQUEST_URI "test" "phase:1,deny,status:500,id:4"
- SecRuleRemoveById 1 2-4
+ SecRule REQUEST_URI "test" "phase:1,deny,status:500,id:101010"
+ SecRule REQUEST_URI "test" "phase:1,deny,status:500,id:202020"
+ SecRule REQUEST_URI "test" "phase:1,deny,status:500,id:303030"
+ SecRule REQUEST_URI "test" "phase:1,deny,status:500,id:404040"
+ SecRuleRemoveById 101010 202020-404040
),
match_log => {
- -error => [ qr/ModSecurity: /, 1 ],
+ -error => [ qr/101010|202020|303030|404040/, 1 ],
-audit => [ qr/./, 1 ],
debug => [ qr/Starting phase REQUEST_HEADERS\..*This phase consists of 0 rule.*Starting phase RESPONSE_HEADERS\./s, 1 ],
-debug => [ qr/Access denied/, 1 ],
@@ -109,11 +109,11 @@
SecRuleEngine On
SecDebugLog $ENV{DEBUG_LOG}
SecDebugLogLevel 9
- SecRule REQUEST_URI "test" "phase:1,deny,status:500,id:1,msg:'testing rule',id:500001"
+ SecRule REQUEST_URI "test" "phase:1,deny,status:500,msg:'testing rule',id:500001"
SecRuleRemoveByMsg "testing rule"
),
match_log => {
- -error => [ qr/ModSecurity: /, 1 ],
+ -error => [ qr/500001/, 1 ],
-audit => [ qr/./, 1 ],
debug => [ qr/Starting phase REQUEST_HEADERS\..*This phase consists of 0 rule.*Starting phase RESPONSE_HEADERS\./s, 1 ],
-debug => [ qr/Access denied/, 1 ],
@@ -134,13 +134,13 @@
SecRuleEngine On
SecDebugLog $ENV{DEBUG_LOG}
SecDebugLogLevel 9
- SecRule REQUEST_URI "test" "phase:1,deny,status:500,id:1,msg:'testing rule',id:500002"
- SecRuleUpdateActionById 1 "pass,nolog"
+ SecRule REQUEST_URI "test" "phase:1,deny,status:500,msg:'testing rule',id:500002"
+ SecRuleUpdateActionById 500002 "pass,nolog"
),
match_log => {
- -error => [ qr/ModSecurity: /, 1 ],
+ -error => [ qr/500002/, 1 ],
-audit => [ qr/./, 1 ],
- debug => [ qr/id:1,.*,pass,nolog/, 1 ],
+ debug => [ qr/id:500002,pass,nolog/, 1 ],
-debug => [ qr/Access denied/, 1 ],
},
match_response => {
@@ -157,14 +157,14 @@
SecRuleEngine On
SecDebugLog $ENV{DEBUG_LOG}
SecDebugLogLevel 9
- SecRule REQUEST_URI "test" "phase:1,deny,status:500,id:1,msg:'testing rule',chain,id:500003"
- SecRule ARGS "bar,id:500004"
- SecRuleUpdateActionById 1 "pass,nolog"
+ SecRule REQUEST_URI "test" "phase:1,deny,status:500,msg:'testing rule',chain,id:500003"
+ SecRule ARGS "bar"
+ SecRuleUpdateActionById 500003 "pass,nolog"
),
match_log => {
- -error => [ qr/ModSecurity: /, 1 ],
+ -error => [ qr/500003/, 1 ],
-audit => [ qr/./, 1 ],
- debug => [ qr/id:1,.*,pass,nolog/, 1 ],
+ debug => [ qr/id:500003,pass,nolog/, 1 ],
-debug => [ qr/Access denied/, 1 ],
},
match_response => {
diff --git a/tests/regression/server_root/conf/httpd.conf.in b/tests/regression/server_root/conf/httpd.conf.in
index b25d16ab..3f19eafa 100644
--- a/tests/regression/server_root/conf/httpd.conf.in
+++ b/tests/regression/server_root/conf/httpd.conf.in
@@ -1,49 +1,30 @@
### Base configuration for starting Apache httpd
+LoadModule proxy_module @APXS_LIBEXECDIR@/mod_proxy.so
+LoadModule proxy_http_module @APXS_LIBEXECDIR@/mod_proxy_http.so
+LoadModule unique_id_module @APXS_LIBEXECDIR@/mod_unique_id.so
+# TODO: Need to have these configurable
+LoadModule security2_module @MSC_BASE_DIR@/apache2/.libs/mod_security2.so
+
+= 2.4>
+ LoadModule access_compat_module /usr/lib/apache2/modules/mod_access_compat.so
+ LoadModule mpm_worker_module /usr/lib/apache2/modules/mod_mpm_worker.so
+ LoadModule authn_core_module /usr/lib/apache2/modules/mod_authn_core.so
+ LoadModule authz_core_module /usr/lib/apache2/modules/mod_authz_core.so
+
+
+ServerName localhost
+CoreDumpDirectory @MSC_REGRESSION_SERVERROOT_DIR@/tmp
+LogLevel debug
+ErrorLog @MSC_REGRESSION_LOGS_DIR@/error.log
+
# File locations
PidFile @MSC_REGRESSION_LOGS_DIR@/httpd.pid
ScoreBoardFile @MSC_REGRESSION_LOGS_DIR@/httpd.scoreboard
-
-
- LoadModule proxy_module @APXS_LIBEXECDIR@/mod_proxy.so
- LoadModule proxy_http_module @APXS_LIBEXECDIR@/mod_proxy_http.so
-
-
- LoadModule unique_id_module @APXS_LIBEXECDIR@/mod_unique_id.so
-
-
-
- # TODO: Need to have these configurable
- LoadModule security2_module @MSC_BASE_DIR@/apache2/.libs/mod_security2.so
-
-
-ServerName localhost
-
-CoreDumpDirectory @MSC_REGRESSION_SERVERROOT_DIR@/tmp
-
-LogLevel debug
-ErrorLog @MSC_REGRESSION_LOGS_DIR@/error.log
-
-= 2.4>
- LoadModule access_compat_module /usr/lib/apache2/modules/mod_access_compat.so
- LoadModule mpm_worker_module /usr/lib/apache2/modules/mod_mpm_worker.so
-
-
-
DocumentRoot @MSC_REGRESSION_DOCROOT_DIR@
Options +Indexes +FollowSymLinks
- AllowOverride None
-
- = 2.4>
- Allow from all
- Satisfy Any
-
-
-
- Require all granted
-