github_mirrors/ModSecurity
3
0
Fork 1
mirror of https://github.com/owasp-modsecurity/ModSecurity.git synced 2026-01-16 00:17:11 +03:00
Code Issues Packages Projects Releases Wiki Activity

Add initial CRS v2.0, reorganizing the rules a bit (MODSEC-79).

Browse Source
This commit is contained in:
b1v1r
2009-07-25 04:58:11 +00:00
parent 7ace412ecb
commit acd6441e68
41 changed files with 6795 additions and 661 deletions
Download Patch File Download Diff File Expand all files Collapse all files

64
rules/modsecurity_crs_10_global_config.conf Normal file
View File

@@ -0,0 +1,64 @@
# ---------------------------------------------------------------
# Core ModSecurity Rule Set ver.2.0
# Copyright (C) 2006-2009 Breach Security Inc. All rights reserved.
#
# The ModSecuirty Core Rule Set is distributed under GPL version 2
# Please see the enclosed LICENCE file for full details.
# ---------------------------------------------------------------
# Configuration contained in this file should be included
# in the MAIN Apache config section as these directives
# can not be included within Virtual Host containers.
#
# Set web server identification string
#
# If you want to spoof another web server type, you can specify it like this -
#
# SecServerSignature "Microsoft-IIS/6.0"
# or
# SecServerSignature "Sun-ONE-Web-Server/6.1"
#
# Spoofing the Server token data is considered by some to be "Security by Obscurity"
# and that may be true when it is the *only* security measure taken. There is
# a security benefit, however, with changing this data and that is to help
# protect against automated banner-grabbing tools, exploit code and worms that
# decide to send the attack payload based on the target platform data in the
# Server token.
#
# For this directive to work, you need to set Apache ServerTokens
# to Full (this is the default option)
#
# The default setting is to server a blank Server banner
SecServerSignature " "
# Add ruleset identity to the logs
#
SecComponentSignature "core ruleset/2.0"
# Parameters separator
#
# Specifies which character to use as separator for
# application/x-www-form-urlencoded content.
# Defaults to "&". Applications are sometimes (very rarely) written to use
# a semicolon (";").
#
# NOTE Changing the value for this directive has significant influence on how
# ModSecurity works. Make the change only if you are absolutely sure it
# is required.
SecArgumentSeparator "&"
# Path where persistent data (e.g. IP address data, session data, etc) is to
# be stored. Must be writable by the web server user.
#
# TODO It is advisable to create a directory structure for ModSecurity such as
# /var/log/msa and create sub directories for SecDataDir, SecTmpDir,
# SecUploadDir, SecAuditLog and SecAuditLogStorageDir
# underneath it and set the permission for read and write only by the
# Apache user.
SecDataDir /tmp
# Create both Global and IP collections for rules to use
SecAction "phase:1,t:none,pass,nolog,initcol:global=global,initcol:ip=%{remote_addr}"