github_mirrors/ModSecurity
3
0
Fork 1
mirror of https://github.com/owasp-modsecurity/ModSecurity.git synced 2025-09-30 11:44:32 +03:00
Code Issues Packages Projects Releases Wiki Activity

Update rules to 1.6.0.

Browse Source
This commit is contained in:
brectanus
2008-02-19 15:21:33 +00:00
parent e4eaade2ca
commit bdc746baff
16 changed files with 23 additions and 57 deletions
Download Patch File Download Diff File Expand all files Collapse all files

6
rules/modsecurity_crs_20_protocol_violations.conf
View File

@@ -1,5 +1,5 @@
# ---------------------------------------------------------------
# Core ModSecurity Rule Set ver.1.6.0-rc3
# Core ModSecurity Rule Set ver.1.6.0
# Copyright (C) 2006-2007 Breach Security Inc. All rights reserved.
#
# The ModSecuirty Core Rule Set is distributed under GPL version 2
@@ -15,10 +15,6 @@
#
#
# Use status code 400 response status code by default as protocol violations
# are in essence bad requests.
SecDefaultAction "log,pass,phase:2,status:400"
# Validate request line
#
SecRule REQUEST_LINE "!^(?:(?:[a-z]{3,10}\s+(?:\w{3,7}?://[\w\-\./]*(?::\d+)?)?/[^?#]*(?:\?[^#\s]*)?(?:#[\S]*)?|connect (?:\d{1,3}\.){3}\d{1,3}\.?(?::\d+)?|options \*)\s+[\w\./]+|get /[^?#]*(?:\?[^#\s]*)?(?:#[\S]*)?)$" \