Update rules to 1.6.0.

2025-10-01 03:57:47 +03:00 · 2008-02-19 15:21:33 +00:00
parent e4eaade2ca
commit bdc746baff
16 changed files with 23 additions and 57 deletions
--- a/rules/modsecurity_crs_21_protocol_anomalies.conf
+++ b/rules/modsecurity_crs_21_protocol_anomalies.conf
@@ -1,5 +1,5 @@
 # ---------------------------------------------------------------
-# Core ModSecurity Rule Set ver.1.6.0-rc3
+# Core ModSecurity Rule Set ver.1.6.0
 # Copyright (C) 2006-2007 Breach Security Inc. All rights reserved.
 #
 # The ModSecuirty Core Rule Set is distributed under GPL version 2
@@ -14,10 +14,6 @@
 #      the request such as URL and not allow the violation generally. 
 #

-# Use status code 400 response status code by default as protocol violations 
-# are in essence bad requests.
-SecDefaultAction "log,pass,phase:2,status:400"
-
 # Do not accept requests without common headers. 
 # Implies either an attacker or a legitimate automation client. 
 #