mirror of
https://github.com/owasp-modsecurity/ModSecurity.git
synced 2025-09-29 19:24:29 +03:00
Refactoring external resources download warn messages
Holding the message to be displayed when Apache is ready to write on the error_log instead of the default output. Regression tests were added.
This commit is contained in:
Felipe Zimmerle
@@ -1,29 +0,0 @@
|
||||
### pmfromfile external resource
|
||||
|
||||
{
|
||||
type => "misc",
|
||||
comment => "pmfromfile",
|
||||
conf => qq(
|
||||
SecRuleEngine On
|
||||
SecDebugLog $ENV{DEBUG_LOG}
|
||||
SecDebugLogLevel 9
|
||||
SecRequestBodyAccess On
|
||||
SecRule REQUEST_FILENAME "\@pmFromFile https://www.modsecurity.org/modsecurity-regression-test.txt" "id:'123',phase:2,log,pass,t:none"
|
||||
),
|
||||
match_log => {
|
||||
error => [ qr/ModSecurity: Warning. Matched phrase \"127.0.0.1\" at REQUEST_FILENAME./, 1],
|
||||
debug => [ qr/Matched phrase \"127.0.0.1\" at REQUEST_FILENAME/, 1 ],
|
||||
},
|
||||
match_response => {
|
||||
status => qr/^404$/,
|
||||
},
|
||||
request => new HTTP::Request(
|
||||
POST => "http://$ENV{SERVER_NAME}:$ENV{SERVER_PORT}/127.0.0.1.html",
|
||||
[
|
||||
"Content-Type" => "application/x-www-form-urlencoded",
|
||||
],
|
||||
# Args
|
||||
"some_variable=-1' and 1=1 union/* foo */select load_file('/etc/passwd')--"
|
||||
),
|
||||
},
|
||||
|
||||
71
tests/regression/misc/50-ipmatchfromfile-external.t.in
Normal file
71
tests/regression/misc/50-ipmatchfromfile-external.t.in
Normal file
@@ -0,0 +1,71 @@
|
||||
### ipMatchFromFile external resource
|
||||
|
||||
{
|
||||
type => "misc",
|
||||
comment => "ipMatchFromFile",
|
||||
conf => qq(
|
||||
SecRuleEngine On
|
||||
SecDebugLog $ENV{DEBUG_LOG}
|
||||
SecDebugLogLevel 9
|
||||
SecRequestBodyAccess On
|
||||
SecRule REMOTE_ADDR "\@ipMatchFromFile https://www.modsecurity.org/modsecurity-regression-test.txt" "id:10500,pass"
|
||||
),
|
||||
match_log => {
|
||||
error => [ qr/ModSecurity: Warning. IPmatchFromFile: \"127.0.0.1\" matched at REMOTE_ADDR./, 1],
|
||||
debug => [ qr/IPmatchFromFile: \"127.0.0.1\" matched at REMOTE_ADDR./, 1 ],
|
||||
-error => [ qr/ModSecurity: Problems loading external resources:/, 1],
|
||||
},
|
||||
match_response => {
|
||||
status => qr/^404$/,
|
||||
},
|
||||
request => new HTTP::Request(
|
||||
POST => "http://$ENV{SERVER_NAME}:$ENV{SERVER_PORT}/127.0.0.1.html",
|
||||
[
|
||||
"Content-Type" => "application/x-www-form-urlencoded",
|
||||
],
|
||||
# Args
|
||||
"some_variable=-1' and 1=1 union/* foo */select load_file('/etc/passwd')--"
|
||||
),
|
||||
},
|
||||
{
|
||||
type => "misc",
|
||||
comment => "ipMatchFromFile - 404 download",
|
||||
conf => qq(
|
||||
SecRuleEngine On
|
||||
SecDebugLog $ENV{DEBUG_LOG}
|
||||
SecDebugLogLevel 9
|
||||
SecRequestBodyAccess On
|
||||
SecRemoteRulesFailAction Warn
|
||||
SecRule REMOTE_ADDR "\@ipMatchFromFile https://www.modsecurity.org/modsecurity-regression-test-404.txt" "id:10500,pass"
|
||||
),
|
||||
match_log => {
|
||||
error => [ qr/ModSecurity: Problems loading external resources: Failed to download: \"https:\/\/www.modsecurity.org\/modsecurity-regression-test-404.txt\" error: HTTP response code said error./, 1],
|
||||
},
|
||||
match_response => {
|
||||
status => qr/^404$/,
|
||||
},
|
||||
request => new HTTP::Request(
|
||||
POST => "http://$ENV{SERVER_NAME}:$ENV{SERVER_PORT}/127.0.0.1.html",
|
||||
[
|
||||
"Content-Type" => "application/x-www-form-urlencoded",
|
||||
],
|
||||
# Args
|
||||
"some_variable=-1' and 1=1 union/* foo */select load_file('/etc/passwd')--"
|
||||
),
|
||||
},
|
||||
{
|
||||
type => "misc",
|
||||
comment => "ipMatchFromFile - bad certificate name",
|
||||
conf => qq(
|
||||
SecRuleEngine On
|
||||
SecDebugLog $ENV{DEBUG_LOG}
|
||||
SecDebugLogLevel 9
|
||||
SecRequestBodyAccess On
|
||||
SecRemoteRulesFailAction Warn
|
||||
SecRule REMOTE_ADDR "\@ipMatchFromFile https://status.modsecurity.org/modsecurity-regression-test-huge-ip-list.txt" "id:10500,pass"
|
||||
),
|
||||
match_log => {
|
||||
error => [ qr/ModSecurity: Problems loading external resources: Failed to download: \"https:\/\/status.modsecurity.org\/modsecurity-regression-test-huge-ip-list.txt\" error: SSL peer certificate or SSH remote key was not OK./, 1],
|
||||
},
|
||||
},
|
||||
|
||||
84
tests/regression/misc/60-pmfromfile-external.t.in
Normal file
84
tests/regression/misc/60-pmfromfile-external.t.in
Normal file
@@ -0,0 +1,84 @@
|
||||
### pmfromfile external resource
|
||||
|
||||
{
|
||||
type => "misc",
|
||||
comment => "pmfromfile",
|
||||
conf => qq(
|
||||
SecRuleEngine On
|
||||
SecDebugLog $ENV{DEBUG_LOG}
|
||||
SecDebugLogLevel 9
|
||||
SecRequestBodyAccess On
|
||||
SecRule REQUEST_FILENAME "\@pmFromFile https://www.modsecurity.org/modsecurity-regression-test.txt" "id:'123',phase:2,log,pass,t:none"
|
||||
),
|
||||
match_log => {
|
||||
error => [ qr/ModSecurity: Warning. Matched phrase \"127.0.0.1\" at REQUEST_FILENAME./, 1],
|
||||
debug => [ qr/Matched phrase \"127.0.0.1\" at REQUEST_FILENAME/, 1 ],
|
||||
-error => [ qr/ModSecurity: Problems loading external resources:/, 1],
|
||||
},
|
||||
match_response => {
|
||||
status => qr/^404$/,
|
||||
},
|
||||
request => new HTTP::Request(
|
||||
POST => "http://$ENV{SERVER_NAME}:$ENV{SERVER_PORT}/127.0.0.1.html",
|
||||
[
|
||||
"Content-Type" => "application/x-www-form-urlencoded",
|
||||
],
|
||||
# Args
|
||||
"some_variable=-1' and 1=1 union/* foo */select load_file('/etc/passwd')--"
|
||||
),
|
||||
},
|
||||
{
|
||||
type => "misc",
|
||||
comment => "pmfromfile - 404 download",
|
||||
conf => qq(
|
||||
SecRuleEngine On
|
||||
SecDebugLog $ENV{DEBUG_LOG}
|
||||
SecDebugLogLevel 9
|
||||
SecRequestBodyAccess On
|
||||
SecRemoteRulesFailAction Warn
|
||||
SecRule REQUEST_FILENAME "\@pmFromFile https://www.modsecurity.org/modsecurity-regression-test-404.txt" "id:'123',phase:2,log,pass,t:none"
|
||||
|
||||
),
|
||||
match_log => {
|
||||
error => [ qr/ModSecurity: Problems loading external resources: Failed to download: \"https:\/\/www.modsecurity.org\/modsecurity-regression-test-404.txt\" error: HTTP response code said error./, 1],
|
||||
},
|
||||
match_response => {
|
||||
status => qr/^404$/,
|
||||
},
|
||||
request => new HTTP::Request(
|
||||
POST => "http://$ENV{SERVER_NAME}:$ENV{SERVER_PORT}/127.0.0.1.html",
|
||||
[
|
||||
"Content-Type" => "application/x-www-form-urlencoded",
|
||||
],
|
||||
# Args
|
||||
"some_variable=-1' and 1=1 union/* foo */select load_file('/etc/passwd')--"
|
||||
),
|
||||
},
|
||||
{
|
||||
type => "misc",
|
||||
comment => "pmfromfile - bad certificate name",
|
||||
conf => qq(
|
||||
SecRuleEngine On
|
||||
SecDebugLog $ENV{DEBUG_LOG}
|
||||
SecDebugLogLevel 9
|
||||
SecRequestBodyAccess On
|
||||
SecRemoteRulesFailAction Warn
|
||||
SecRule REQUEST_FILENAME "\@pmFromFile https://status.modsecurity.org/modsecurity-regression-test.txt" "id:'123',phase:2,log,pass,t:none"
|
||||
|
||||
),
|
||||
match_log => {
|
||||
error => [ qr/ModSecurity: Problems loading external resources: Failed to download: \"https:\/\/status.modsecurity.org\/modsecurity-regression-test.txt\" error: SSL peer certificate or SSH remote key was not OK./, 1],
|
||||
},
|
||||
match_response => {
|
||||
status => qr/^404$/,
|
||||
},
|
||||
request => new HTTP::Request(
|
||||
POST => "http://$ENV{SERVER_NAME}:$ENV{SERVER_PORT}/127.0.0.1.html",
|
||||
[
|
||||
"Content-Type" => "application/x-www-form-urlencoded",
|
||||
],
|
||||
# Args
|
||||
"some_variable=-1' and 1=1 union/* foo */select load_file('/etc/passwd')--"
|
||||
),
|
||||
},
|
||||
|
||||
Reference in New Issue
Block a user