mirror of
https://github.com/owasp-modsecurity/ModSecurity.git
synced 2025-09-29 19:24:29 +03:00
Fixed: Regression tests with no ID present
This commit is contained in:
Breno Silva
@@ -9,8 +9,8 @@
|
||||
SecRequestBodyAccess On
|
||||
SecResponseBodyAccess On
|
||||
SecResponseBodyMimeType null
|
||||
SecAction "phase:1,pass"
|
||||
SecAction "phase:1,deny"
|
||||
SecAction "phase:1,pass,id:500033"
|
||||
SecAction "phase:1,deny,id:500034"
|
||||
),
|
||||
match_log => {
|
||||
error => [ qr/ModSecurity: Warning. Unconditional match in SecAction/, 1 ],
|
||||
@@ -30,8 +30,8 @@
|
||||
SecRequestBodyAccess On
|
||||
SecResponseBodyAccess On
|
||||
SecResponseBodyMimeType null
|
||||
SecAction "phase:2,pass"
|
||||
SecAction "phase:2,deny"
|
||||
SecAction "phase:2,pass,id:500035"
|
||||
SecAction "phase:2,deny,id:500036"
|
||||
),
|
||||
match_log => {
|
||||
error => [ qr/ModSecurity: Warning. Unconditional match in SecAction/, 1 ],
|
||||
@@ -53,8 +53,8 @@
|
||||
SecResponseBodyMimeType null
|
||||
SecDebugLog "$ENV{DEBUG_LOG}"
|
||||
SecDebugLogLevel 4
|
||||
SecAction "phase:3,pass"
|
||||
SecAction "phase:3,deny"
|
||||
SecAction "phase:3,pass,id:500037"
|
||||
SecAction "phase:3,deny,id:500038"
|
||||
),
|
||||
match_log => {
|
||||
error => [ qr/ModSecurity: Warning. Unconditional match in SecAction/, 1 ],
|
||||
@@ -76,8 +76,8 @@
|
||||
SecResponseBodyMimeType null
|
||||
SecDebugLog "$ENV{DEBUG_LOG}"
|
||||
SecDebugLogLevel 4
|
||||
SecAction "phase:4,pass"
|
||||
SecAction "phase:4,deny"
|
||||
SecAction "phase:4,pass,id:500039"
|
||||
SecAction "phase:4,deny,id:500040"
|
||||
),
|
||||
match_log => {
|
||||
error => [ qr/ModSecurity: Warning. Unconditional match in SecAction/, 1 ],
|
||||
@@ -99,8 +99,8 @@
|
||||
SecRequestBodyAccess On
|
||||
SecResponseBodyAccess On
|
||||
SecResponseBodyMimeType null
|
||||
SecAction "phase:1,allow"
|
||||
SecAction "phase:1,deny"
|
||||
SecAction "phase:1,allow,id:500041"
|
||||
SecAction "phase:1,deny,id:500042"
|
||||
),
|
||||
match_log => {
|
||||
error => [ qr/ModSecurity: Access allowed \(phase 1\). Unconditional match in SecAction/, 1 ],
|
||||
@@ -120,8 +120,8 @@
|
||||
SecRequestBodyAccess On
|
||||
SecResponseBodyAccess On
|
||||
SecResponseBodyMimeType null
|
||||
SecAction "phase:2,allow"
|
||||
SecAction "phase:2,deny"
|
||||
SecAction "phase:2,allow,id:500043"
|
||||
SecAction "phase:2,deny,id:500044"
|
||||
),
|
||||
match_log => {
|
||||
error => [ qr/ModSecurity: Access allowed \(phase 2\). Unconditional match in SecAction/, 1 ],
|
||||
@@ -143,8 +143,8 @@
|
||||
SecResponseBodyMimeType null
|
||||
SecDebugLog "$ENV{DEBUG_LOG}"
|
||||
SecDebugLogLevel 4
|
||||
SecAction "phase:3,allow"
|
||||
SecAction "phase:3,deny"
|
||||
SecAction "phase:3,allow,id:500045"
|
||||
SecAction "phase:3,deny,id:500046"
|
||||
),
|
||||
match_log => {
|
||||
error => [ qr/ModSecurity: Access allowed \(phase 3\). Unconditional match in SecAction/, 1 ],
|
||||
@@ -166,8 +166,8 @@
|
||||
SecResponseBodyMimeType null
|
||||
SecDebugLog "$ENV{DEBUG_LOG}"
|
||||
SecDebugLogLevel 4
|
||||
SecAction "phase:4,allow"
|
||||
SecAction "phase:4,deny"
|
||||
SecAction "phase:4,allow,id:500047"
|
||||
SecAction "phase:4,deny,id:500048"
|
||||
),
|
||||
match_log => {
|
||||
error => [ qr/ModSecurity: Access allowed \(phase 4\). Unconditional match in SecAction/, 1 ],
|
||||
@@ -189,7 +189,7 @@
|
||||
SecRequestBodyAccess On
|
||||
SecResponseBodyAccess On
|
||||
SecResponseBodyMimeType null
|
||||
SecAction "phase:1,deny"
|
||||
SecAction "phase:1,deny,id:500049"
|
||||
),
|
||||
match_log => {
|
||||
error => [ qr/Access denied with code 403 \(phase 1\). Unconditional match in SecAction./, 1 ],
|
||||
@@ -209,7 +209,7 @@
|
||||
SecRequestBodyAccess On
|
||||
SecResponseBodyAccess On
|
||||
SecResponseBodyMimeType null
|
||||
SecAction "phase:2,deny"
|
||||
SecAction "phase:2,deny,id:500050"
|
||||
),
|
||||
match_log => {
|
||||
error => [ qr/Access denied with code 403 \(phase 2\). Unconditional match in SecAction./, 1 ],
|
||||
@@ -231,7 +231,7 @@
|
||||
SecResponseBodyMimeType null
|
||||
SecDebugLog "$ENV{DEBUG_LOG}"
|
||||
SecDebugLogLevel 4
|
||||
SecAction "phase:3,deny"
|
||||
SecAction "phase:3,deny,id:500051"
|
||||
),
|
||||
match_log => {
|
||||
error => [ qr/Access denied with code 403 \(phase 3\). Unconditional match in SecAction./, 1 ],
|
||||
@@ -253,7 +253,7 @@
|
||||
SecResponseBodyMimeType null
|
||||
SecDebugLog "$ENV{DEBUG_LOG}"
|
||||
SecDebugLogLevel 4
|
||||
SecAction "phase:4,deny"
|
||||
SecAction "phase:4,deny,id:500052"
|
||||
),
|
||||
match_log => {
|
||||
error => [ qr/Access denied with code 403 \(phase 4\). Unconditional match in SecAction./, 1 ],
|
||||
@@ -275,7 +275,7 @@
|
||||
SecRequestBodyAccess On
|
||||
SecResponseBodyAccess On
|
||||
SecResponseBodyMimeType null
|
||||
SecAction "phase:1,drop"
|
||||
SecAction "phase:1,drop,id:500053"
|
||||
),
|
||||
match_log => {
|
||||
error => [ qr/Access denied with connection close \(phase 1\). Unconditional match in SecAction./, 1 ],
|
||||
@@ -295,7 +295,7 @@
|
||||
SecRequestBodyAccess On
|
||||
SecResponseBodyAccess On
|
||||
SecResponseBodyMimeType null
|
||||
SecAction "phase:2,drop"
|
||||
SecAction "phase:2,drop,id:500054"
|
||||
),
|
||||
match_log => {
|
||||
error => [ qr/Access denied with connection close \(phase 2\). Unconditional match in SecAction./, 1 ],
|
||||
@@ -317,7 +317,7 @@
|
||||
SecResponseBodyMimeType null
|
||||
SecDebugLog "$ENV{DEBUG_LOG}"
|
||||
SecDebugLogLevel 4
|
||||
SecAction "phase:3,drop"
|
||||
SecAction "phase:3,drop,id:500055"
|
||||
),
|
||||
match_log => {
|
||||
error => [ qr/Access denied with connection close \(phase 3\). Unconditional match in SecAction./, 1 ],
|
||||
@@ -339,7 +339,7 @@
|
||||
SecResponseBodyMimeType null
|
||||
SecDebugLog "$ENV{DEBUG_LOG}"
|
||||
SecDebugLogLevel 4
|
||||
SecAction "phase:4,drop"
|
||||
SecAction "phase:4,drop,id:500056"
|
||||
),
|
||||
match_log => {
|
||||
error => [ qr/Access denied with connection close \(phase 4\). Unconditional match in SecAction./, 1 ],
|
||||
@@ -361,7 +361,7 @@
|
||||
SecRequestBodyAccess On
|
||||
SecResponseBodyAccess On
|
||||
SecResponseBodyMimeType null
|
||||
SecRule REQUEST_URI "\@streq /test2.txt" "phase:1,redirect:'http://$ENV{SERVER_NAME}:$ENV{SERVER_PORT}/test.txt'"
|
||||
SecRule REQUEST_URI "\@streq /test2.txt" "phase:1,redirect:'http://$ENV{SERVER_NAME}:$ENV{SERVER_PORT}/test.txt',id:500001"
|
||||
),
|
||||
match_log => {
|
||||
error => [ qr/ModSecurity: Access denied with redirection to .* using status 302 \(phase 1\)/, 1 ],
|
||||
@@ -382,7 +382,7 @@
|
||||
SecRequestBodyAccess On
|
||||
SecResponseBodyAccess On
|
||||
SecResponseBodyMimeType null
|
||||
SecRule REQUEST_URI "\@streq /test2.txt" "phase:2,redirect:'http://$ENV{SERVER_NAME}:$ENV{SERVER_PORT}/test.txt'"
|
||||
SecRule REQUEST_URI "\@streq /test2.txt" "phase:2,redirect:'http://$ENV{SERVER_NAME}:$ENV{SERVER_PORT}/test.txt',id:500002"
|
||||
),
|
||||
match_log => {
|
||||
error => [ qr/ModSecurity: Access denied with redirection to .* using status 302 \(phase 2\)/, 1 ],
|
||||
@@ -405,7 +405,7 @@
|
||||
SecResponseBodyMimeType null
|
||||
SecDebugLog "$ENV{DEBUG_LOG}"
|
||||
SecDebugLogLevel 4
|
||||
SecRule REQUEST_URI "\@streq /test2.txt" "phase:3,redirect:'http://$ENV{SERVER_NAME}:$ENV{SERVER_PORT}/test.txt'"
|
||||
SecRule REQUEST_URI "\@streq /test2.txt" "phase:3,redirect:'http://$ENV{SERVER_NAME}:$ENV{SERVER_PORT}/test.txt',id:500003"
|
||||
),
|
||||
match_log => {
|
||||
error => [ qr/ModSecurity: Access denied with redirection to .* using status 302 \(phase 3\)/, 1 ],
|
||||
@@ -428,7 +428,7 @@
|
||||
SecResponseBodyMimeType null
|
||||
SecDebugLog "$ENV{DEBUG_LOG}"
|
||||
SecDebugLogLevel 4
|
||||
SecRule REQUEST_URI "\@streq /test2.txt" "phase:4,redirect:'http://$ENV{SERVER_NAME}:$ENV{SERVER_PORT}/test.txt'"
|
||||
SecRule REQUEST_URI "\@streq /test2.txt" "phase:4,redirect:'http://$ENV{SERVER_NAME}:$ENV{SERVER_PORT}/test.txt',id:500004"
|
||||
),
|
||||
match_log => {
|
||||
error => [ qr/ModSecurity: Access denied with redirection to .* using status 302 \(phase 4\)/, 1 ],
|
||||
@@ -451,7 +451,7 @@
|
||||
SecRequestBodyAccess On
|
||||
SecResponseBodyAccess On
|
||||
SecResponseBodyMimeType null
|
||||
SecRule REQUEST_URI "\@streq /test2.txt" "phase:1,proxy:'http://$ENV{SERVER_NAME}:$ENV{SERVER_PORT}/test.txt'"
|
||||
SecRule REQUEST_URI "\@streq /test2.txt" "phase:1,proxy:'http://$ENV{SERVER_NAME}:$ENV{SERVER_PORT}/test.txt',id:500005"
|
||||
),
|
||||
match_log => {
|
||||
error => [ qr/ModSecurity: Access denied using proxy to \(phase 1\)/, 1 ],
|
||||
@@ -472,7 +472,7 @@
|
||||
SecRequestBodyAccess On
|
||||
SecResponseBodyAccess On
|
||||
SecResponseBodyMimeType null
|
||||
SecRule REQUEST_URI "\@streq /test2.txt" "phase:2,proxy:'http://$ENV{SERVER_NAME}:$ENV{SERVER_PORT}/test.txt'"
|
||||
SecRule REQUEST_URI "\@streq /test2.txt" "phase:2,proxy:'http://$ENV{SERVER_NAME}:$ENV{SERVER_PORT}/test.txt',id:500006"
|
||||
),
|
||||
match_log => {
|
||||
error => [ qr/ModSecurity: Access denied using proxy to \(phase 2\)/, 1 ],
|
||||
@@ -495,7 +495,7 @@
|
||||
SecResponseBodyMimeType null
|
||||
SecDebugLog "$ENV{DEBUG_LOG}"
|
||||
SecDebugLogLevel 4
|
||||
SecRule REQUEST_URI "\@streq /test2.txt" "phase:3,proxy:'http://$ENV{SERVER_NAME}:$ENV{SERVER_PORT}/test.txt'"
|
||||
SecRule REQUEST_URI "\@streq /test2.txt" "phase:3,proxy:'http://$ENV{SERVER_NAME}:$ENV{SERVER_PORT}/test.txt',id:500007"
|
||||
),
|
||||
match_log => {
|
||||
error => [ qr/ModSecurity: Access denied with code 500 \(phase 3\) \(Configuration Error: Proxy action requested but it does not work in output phases\)./, 1 ],
|
||||
@@ -517,7 +517,7 @@
|
||||
SecResponseBodyMimeType null
|
||||
SecDebugLog "$ENV{DEBUG_LOG}"
|
||||
SecDebugLogLevel 4
|
||||
SecRule REQUEST_URI "\@streq /test2.txt" "phase:4,proxy:'http://$ENV{SERVER_NAME}:$ENV{SERVER_PORT}/test.txt'"
|
||||
SecRule REQUEST_URI "\@streq /test2.txt" "phase:4,proxy:'http://$ENV{SERVER_NAME}:$ENV{SERVER_PORT}/test.txt',id:500008"
|
||||
),
|
||||
match_log => {
|
||||
error => [ qr/ModSecurity: Access denied with code 500 \(phase 4\) \(Configuration Error: Proxy action requested but it does not work in output phases\)./, 1 ],
|
||||
|
||||
@@ -9,8 +9,8 @@
|
||||
SecContentInjection On
|
||||
SecDebugLog "$ENV{DEBUG_LOG}"
|
||||
SecDebugLogLevel 9
|
||||
SecAction "phase:1,setvar:tx.test=test"
|
||||
SecAction "phase:2,append:'APPEND: \%{tx.test}'"
|
||||
SecAction "phase:1,setvar:tx.test=test,id:500002"
|
||||
SecAction "phase:2,append:'APPEND: \%{tx.test}',id:500003"
|
||||
),
|
||||
match_log => {
|
||||
debug => [ "Added content to bottom: APPEND: test", 1 ],
|
||||
@@ -33,8 +33,8 @@
|
||||
SecContentInjection On
|
||||
SecDebugLog "$ENV{DEBUG_LOG}"
|
||||
SecDebugLogLevel 9
|
||||
SecAction "phase:1,setvar:tx.test=test"
|
||||
SecAction "phase:2,prepend:'PREPEND: \%{tx.test}'"
|
||||
SecAction "phase:1,setvar:tx.test=test,id:500004"
|
||||
SecAction "phase:2,prepend:'PREPEND: \%{tx.test}',id:500005"
|
||||
),
|
||||
match_log => {
|
||||
debug => [ "Added content to top: PREPEND: test", 1 ],
|
||||
|
||||
@@ -7,7 +7,7 @@
|
||||
conf => qq(
|
||||
SecRuleEngine On
|
||||
SecAction "phase:2,id:666,deny"
|
||||
SecAction "phase:1,pass,ctl:ruleRemoveById=666"
|
||||
SecAction "phase:1,pass,ctl:ruleRemoveById=666,id:500030"
|
||||
),
|
||||
match_log => {
|
||||
},
|
||||
@@ -23,7 +23,7 @@
|
||||
comment => "ruleRemoveById future rule across phases",
|
||||
conf => qq(
|
||||
SecRuleEngine On
|
||||
SecAction "phase:1,pass,ctl:ruleRemoveById=666"
|
||||
SecAction "phase:1,pass,ctl:ruleRemoveById=666,id:500031"
|
||||
SecAction "phase:2,id:666,deny"
|
||||
),
|
||||
match_log => {
|
||||
@@ -40,7 +40,7 @@
|
||||
comment => "ruleRemoveById future rule same phase",
|
||||
conf => qq(
|
||||
SecRuleEngine On
|
||||
SecAction "phase:1,pass,ctl:ruleRemoveById=666"
|
||||
SecAction "phase:1,pass,ctl:ruleRemoveById=666,id:500032"
|
||||
SecAction "phase:1,id:666,deny"
|
||||
),
|
||||
match_log => {
|
||||
|
||||
@@ -11,8 +11,8 @@
|
||||
SecResponseBodyMimeType null
|
||||
SecDebugLog "$ENV{DEBUG_LOG}"
|
||||
SecDebugLogLevel 9
|
||||
SecAction "phase:1,pass,msg:'PASSED'"
|
||||
SecAction "phase:1,deny,msg:'DENIED'"
|
||||
SecAction "phase:1,pass,msg:'PASSED',id:500057"
|
||||
SecAction "phase:1,deny,msg:'DENIED',id:500058"
|
||||
),
|
||||
match_log => {
|
||||
error => [ qr/ModSecurity: Warning. Unconditional match in SecAction.*PASSED/, 1 ],
|
||||
@@ -32,8 +32,8 @@
|
||||
SecRequestBodyAccess On
|
||||
SecResponseBodyAccess On
|
||||
SecResponseBodyMimeType null
|
||||
SecAction "phase:2,pass,msg:'PASSED'"
|
||||
SecAction "phase:2,deny,msg:'DENIED'"
|
||||
SecAction "phase:2,pass,msg:'PASSED',id:500059"
|
||||
SecAction "phase:2,deny,msg:'DENIED',id:500060"
|
||||
),
|
||||
match_log => {
|
||||
error => [ qr/ModSecurity: Warning. Unconditional match in SecAction.*PASSED/, 1 ],
|
||||
@@ -55,8 +55,8 @@
|
||||
SecResponseBodyMimeType null
|
||||
SecDebugLog "$ENV{DEBUG_LOG}"
|
||||
SecDebugLogLevel 4
|
||||
SecAction "phase:3,pass,msg:'PASSED'"
|
||||
SecAction "phase:3,deny,msg:'DENIED'"
|
||||
SecAction "phase:3,pass,msg:'PASSED',id:500061"
|
||||
SecAction "phase:3,deny,msg:'DENIED',id:500062"
|
||||
),
|
||||
match_log => {
|
||||
error => [ qr/ModSecurity: Warning. Unconditional match in SecAction.*PASSED/, 1 ],
|
||||
@@ -78,8 +78,8 @@
|
||||
SecResponseBodyMimeType null
|
||||
SecDebugLog "$ENV{DEBUG_LOG}"
|
||||
SecDebugLogLevel 4
|
||||
SecAction "phase:4,pass,msg:'PASSED'"
|
||||
SecAction "phase:4,deny,msg:'DENIED'"
|
||||
SecAction "phase:4,pass,msg:'PASSED',id:500063"
|
||||
SecAction "phase:4,deny,msg:'DENIED',id:500064"
|
||||
),
|
||||
match_log => {
|
||||
error => [ qr/ModSecurity: Warning. Unconditional match in SecAction.*PASSED/, 1 ],
|
||||
@@ -101,8 +101,8 @@
|
||||
SecRequestBodyAccess On
|
||||
SecResponseBodyAccess On
|
||||
SecResponseBodyMimeType null
|
||||
SecAction "phase:1,allow,msg:'ALLOWED'"
|
||||
SecAction "phase:1,deny,msg:'DENIED'"
|
||||
SecAction "phase:1,allow,msg:'ALLOWED',id:500065"
|
||||
SecAction "phase:1,deny,msg:'DENIED',id:500066"
|
||||
),
|
||||
match_log => {
|
||||
error => [ qr/ModSecurity: Warning. Unconditional match in SecAction.*ALLOWED/, 1 ],
|
||||
@@ -125,8 +125,8 @@
|
||||
SecRequestBodyAccess On
|
||||
SecResponseBodyAccess On
|
||||
SecResponseBodyMimeType null
|
||||
SecAction "phase:2,allow,msg:'ALLOWED'"
|
||||
SecAction "phase:2,deny,msg:'DENIED'"
|
||||
SecAction "phase:2,allow,msg:'ALLOWED',id:500067"
|
||||
SecAction "phase:2,deny,msg:'DENIED',id:500068"
|
||||
),
|
||||
match_log => {
|
||||
error => [ qr/ModSecurity: Warning. Unconditional match in SecAction.*ALLOWED/, 1 ],
|
||||
@@ -149,8 +149,8 @@
|
||||
SecRequestBodyAccess On
|
||||
SecResponseBodyAccess On
|
||||
SecResponseBodyMimeType null
|
||||
SecAction "phase:3,allow,msg:'ALLOWED'"
|
||||
SecAction "phase:3,deny,msg:'DENIED'"
|
||||
SecAction "phase:3,allow,msg:'ALLOWED',id:500069"
|
||||
SecAction "phase:3,deny,msg:'DENIED',id:500070"
|
||||
),
|
||||
match_log => {
|
||||
error => [ qr/ModSecurity: Warning. Unconditional match in SecAction.*ALLOWED/, 1 ],
|
||||
@@ -173,8 +173,8 @@
|
||||
SecRequestBodyAccess On
|
||||
SecResponseBodyAccess On
|
||||
SecResponseBodyMimeType null
|
||||
SecAction "phase:4,allow,msg:'ALLOWED'"
|
||||
SecAction "phase:4,deny,msg:'DENIED'"
|
||||
SecAction "phase:4,allow,msg:'ALLOWED',id:500071"
|
||||
SecAction "phase:4,deny,msg:'DENIED',id:500072"
|
||||
),
|
||||
match_log => {
|
||||
error => [ qr/ModSecurity: Warning. Unconditional match in SecAction.*ALLOWED/, 1 ],
|
||||
@@ -199,7 +199,7 @@
|
||||
SecRequestBodyAccess On
|
||||
SecResponseBodyAccess On
|
||||
SecResponseBodyMimeType null
|
||||
SecAction "phase:1,deny,msg:'DENIED'"
|
||||
SecAction "phase:1,deny,msg:'DENIED',id:500073"
|
||||
),
|
||||
match_log => {
|
||||
error => [ qr/ModSecurity: Warning. Unconditional match in SecAction.*DENIED/, 1 ],
|
||||
@@ -220,7 +220,7 @@
|
||||
SecRequestBodyAccess On
|
||||
SecResponseBodyAccess On
|
||||
SecResponseBodyMimeType null
|
||||
SecAction "phase:2,deny,msg:'DENIED'"
|
||||
SecAction "phase:2,deny,msg:'DENIED',id:500074"
|
||||
),
|
||||
match_log => {
|
||||
error => [ qr/ModSecurity: Warning. Unconditional match in SecAction.*DENIED/, 1 ],
|
||||
@@ -241,7 +241,7 @@
|
||||
SecRequestBodyAccess On
|
||||
SecResponseBodyAccess On
|
||||
SecResponseBodyMimeType null
|
||||
SecAction "phase:3,deny,msg:'DENIED'"
|
||||
SecAction "phase:3,deny,msg:'DENIED',id:500075"
|
||||
),
|
||||
match_log => {
|
||||
error => [ qr/ModSecurity: Warning. Unconditional match in SecAction.*DENIED/, 1 ],
|
||||
@@ -262,7 +262,7 @@
|
||||
SecRequestBodyAccess On
|
||||
SecResponseBodyAccess On
|
||||
SecResponseBodyMimeType null
|
||||
SecAction "phase:4,deny,msg:'DENIED'"
|
||||
SecAction "phase:4,deny,msg:'DENIED',id:500076"
|
||||
),
|
||||
match_log => {
|
||||
error => [ qr/ModSecurity: Warning. Unconditional match in SecAction.*DENIED/, 1 ],
|
||||
@@ -285,7 +285,7 @@
|
||||
SecRequestBodyAccess On
|
||||
SecResponseBodyAccess On
|
||||
SecResponseBodyMimeType null
|
||||
SecAction "phase:1,drop,msg:'DROPPED'"
|
||||
SecAction "phase:1,drop,msg:'DROPPED',id:500077"
|
||||
),
|
||||
match_log => {
|
||||
error => [ qr/ModSecurity: Warning. Unconditional match in SecAction.*DROPPED/, 1 ],
|
||||
@@ -306,7 +306,7 @@
|
||||
SecRequestBodyAccess On
|
||||
SecResponseBodyAccess On
|
||||
SecResponseBodyMimeType null
|
||||
SecAction "phase:2,drop,msg:'DROPPED'"
|
||||
SecAction "phase:2,drop,msg:'DROPPED',id:500078"
|
||||
),
|
||||
match_log => {
|
||||
error => [ qr/ModSecurity: Warning. Unconditional match in SecAction.*DROPPED/, 1 ],
|
||||
@@ -327,7 +327,7 @@
|
||||
SecRequestBodyAccess On
|
||||
SecResponseBodyAccess On
|
||||
SecResponseBodyMimeType null
|
||||
SecAction "phase:3,drop,msg:'DROPPED'"
|
||||
SecAction "phase:3,drop,msg:'DROPPED',id:500079"
|
||||
),
|
||||
match_log => {
|
||||
error => [ qr/ModSecurity: Warning. Unconditional match in SecAction.*DROPPED/, 1 ],
|
||||
@@ -348,7 +348,7 @@
|
||||
SecRequestBodyAccess On
|
||||
SecResponseBodyAccess On
|
||||
SecResponseBodyMimeType null
|
||||
SecAction "phase:4,drop,msg:'DROPPED'"
|
||||
SecAction "phase:4,drop,msg:'DROPPED',id:500080"
|
||||
),
|
||||
match_log => {
|
||||
error => [ qr/ModSecurity: Warning. Unconditional match in SecAction.*DROPPED/, 1 ],
|
||||
@@ -371,7 +371,7 @@
|
||||
SecRequestBodyAccess On
|
||||
SecResponseBodyAccess On
|
||||
SecResponseBodyMimeType null
|
||||
SecRule REQUEST_URI "\@streq /test2.txt" "phase:1,redirect:'http://$ENV{SERVER_NAME}:$ENV{SERVER_PORT}/test.txt',msg:'REDIRECTED'"
|
||||
SecRule REQUEST_URI "\@streq /test2.txt" "phase:1,redirect:'http://$ENV{SERVER_NAME}:$ENV{SERVER_PORT}/test.txt',msg:'REDIRECTED',id:500009"
|
||||
),
|
||||
match_log => {
|
||||
error => [ qr/ModSecurity: Warning. String match "\/test2.txt" at REQUEST_URI.*REDIRECTED/, 1 ],
|
||||
@@ -393,7 +393,7 @@
|
||||
SecRequestBodyAccess On
|
||||
SecResponseBodyAccess On
|
||||
SecResponseBodyMimeType null
|
||||
SecRule REQUEST_URI "\@streq /test2.txt" "phase:2,redirect:'http://$ENV{SERVER_NAME}:$ENV{SERVER_PORT}/test.txt',msg:'REDIRECTED'"
|
||||
SecRule REQUEST_URI "\@streq /test2.txt" "phase:2,redirect:'http://$ENV{SERVER_NAME}:$ENV{SERVER_PORT}/test.txt',msg:'REDIRECTED',id:500010"
|
||||
),
|
||||
match_log => {
|
||||
error => [ qr/ModSecurity: Warning. String match "\/test2.txt" at REQUEST_URI.*REDIRECTED/, 1 ],
|
||||
@@ -415,7 +415,7 @@
|
||||
SecRequestBodyAccess On
|
||||
SecResponseBodyAccess On
|
||||
SecResponseBodyMimeType null
|
||||
SecRule REQUEST_URI "\@streq /test2.txt" "phase:3,redirect:'http://$ENV{SERVER_NAME}:$ENV{SERVER_PORT}/test.txt',msg:'REDIRECTED'"
|
||||
SecRule REQUEST_URI "\@streq /test2.txt" "phase:3,redirect:'http://$ENV{SERVER_NAME}:$ENV{SERVER_PORT}/test.txt',msg:'REDIRECTED',id:500011"
|
||||
),
|
||||
match_log => {
|
||||
error => [ qr/ModSecurity: Warning. String match "\/test2.txt" at REQUEST_URI.*REDIRECTED/, 1 ],
|
||||
@@ -437,7 +437,7 @@
|
||||
SecRequestBodyAccess On
|
||||
SecResponseBodyAccess On
|
||||
SecResponseBodyMimeType null
|
||||
SecRule REQUEST_URI "\@streq /test2.txt" "phase:4,redirect:'http://$ENV{SERVER_NAME}:$ENV{SERVER_PORT}/test.txt',msg:'REDIRECTED'"
|
||||
SecRule REQUEST_URI "\@streq /test2.txt" "phase:4,redirect:'http://$ENV{SERVER_NAME}:$ENV{SERVER_PORT}/test.txt',msg:'REDIRECTED',id:500012"
|
||||
),
|
||||
match_log => {
|
||||
error => [ qr/ModSecurity: Warning. String match "\/test2.txt" at REQUEST_URI.*REDIRECTED/, 1 ],
|
||||
@@ -461,7 +461,7 @@
|
||||
SecRequestBodyAccess On
|
||||
SecResponseBodyAccess On
|
||||
SecResponseBodyMimeType null
|
||||
SecRule REQUEST_URI "\@streq /test2.txt" "phase:1,proxy:'http://$ENV{SERVER_NAME}:$ENV{SERVER_PORT}/test.txt',msg:'PROXIED'"
|
||||
SecRule REQUEST_URI "\@streq /test2.txt" "phase:1,proxy:'http://$ENV{SERVER_NAME}:$ENV{SERVER_PORT}/test.txt',msg:'PROXIED',id:500013"
|
||||
),
|
||||
match_log => {
|
||||
error => [ qr/ModSecurity: Warning. String match "\/test2.txt" at REQUEST_URI.*PROXIED/, 1 ],
|
||||
@@ -483,7 +483,7 @@
|
||||
SecRequestBodyAccess On
|
||||
SecResponseBodyAccess On
|
||||
SecResponseBodyMimeType null
|
||||
SecRule REQUEST_URI "\@streq /test2.txt" "phase:2,proxy:'http://$ENV{SERVER_NAME}:$ENV{SERVER_PORT}/test.txt',msg:'PROXIED'"
|
||||
SecRule REQUEST_URI "\@streq /test2.txt" "phase:2,proxy:'http://$ENV{SERVER_NAME}:$ENV{SERVER_PORT}/test.txt',msg:'PROXIED',id:500014"
|
||||
),
|
||||
match_log => {
|
||||
error => [ qr/ModSecurity: Warning. String match "\/test2.txt" at REQUEST_URI.*PROXIED/, 1 ],
|
||||
@@ -507,7 +507,7 @@
|
||||
SecResponseBodyMimeType null
|
||||
SecDebugLog "$ENV{DEBUG_LOG}"
|
||||
SecDebugLogLevel 4
|
||||
SecRule REQUEST_URI "\@streq /test2.txt" "phase:3,proxy:'http://$ENV{SERVER_NAME}:$ENV{SERVER_PORT}/test.txt',msg:'PROXIED'"
|
||||
SecRule REQUEST_URI "\@streq /test2.txt" "phase:3,proxy:'http://$ENV{SERVER_NAME}:$ENV{SERVER_PORT}/test.txt',msg:'PROXIED',id:500015"
|
||||
),
|
||||
match_log => {
|
||||
error => [ qr/ModSecurity: Warning. String match "\/test2.txt" at REQUEST_URI.*PROXIED/, 1 ],
|
||||
@@ -530,7 +530,7 @@
|
||||
SecResponseBodyMimeType null
|
||||
SecDebugLog "$ENV{DEBUG_LOG}"
|
||||
SecDebugLogLevel 4
|
||||
SecRule REQUEST_URI "\@streq /test2.txt" "phase:4,proxy:'http://$ENV{SERVER_NAME}:$ENV{SERVER_PORT}/test.txt',msg:'PROXIED'"
|
||||
SecRule REQUEST_URI "\@streq /test2.txt" "phase:4,proxy:'http://$ENV{SERVER_NAME}:$ENV{SERVER_PORT}/test.txt',msg:'PROXIED',id:500016"
|
||||
),
|
||||
match_log => {
|
||||
error => [ qr/ModSecurity: Warning. String match "\/test2.txt" at REQUEST_URI.*PROXIED/, 1 ],
|
||||
|
||||
@@ -11,7 +11,7 @@
|
||||
SecAuditLogRelevantStatus xxx
|
||||
SecAuditEngine RelevantOnly
|
||||
SecAuditLog "$ENV{AUDIT_LOG}"
|
||||
SecAction "phase:1,pass,log"
|
||||
SecAction "phase:1,pass,log,id:500006"
|
||||
),
|
||||
match_log => {
|
||||
error => [ qr/ModSecurity: Warning\. Unconditional match in SecAction\./, 1 ],
|
||||
@@ -34,7 +34,7 @@
|
||||
SecAuditLogRelevantStatus xxx
|
||||
SecAuditEngine RelevantOnly
|
||||
SecAuditLog "$ENV{AUDIT_LOG}"
|
||||
SecAction "phase:1,pass,nolog"
|
||||
SecAction "phase:1,pass,nolog,id:500007"
|
||||
),
|
||||
match_log => {
|
||||
-error => [ qr/ModSecurity: /, 1 ],
|
||||
@@ -59,7 +59,7 @@
|
||||
SecAuditLogRelevantStatus xxx
|
||||
SecAuditEngine RelevantOnly
|
||||
SecAuditLog "$ENV{AUDIT_LOG}"
|
||||
SecAction "phase:1,deny,status:403,log"
|
||||
SecAction "phase:1,deny,status:403,log,id:500008"
|
||||
),
|
||||
match_log => {
|
||||
error => [ qr/ModSecurity: Access denied with code 403 \(phase 1\)\. Unconditional match in SecAction\./, 1 ],
|
||||
@@ -82,7 +82,7 @@
|
||||
SecAuditLogRelevantStatus xxx
|
||||
SecAuditEngine RelevantOnly
|
||||
SecAuditLog "$ENV{AUDIT_LOG}"
|
||||
SecAction "phase:1,deny,status:403,nolog"
|
||||
SecAction "phase:1,deny,status:403,nolog,id:500009"
|
||||
),
|
||||
match_log => {
|
||||
-error => [ qr/ModSecurity: /, 1 ],
|
||||
@@ -107,7 +107,7 @@
|
||||
SecAuditLogRelevantStatus xxx
|
||||
SecAuditEngine RelevantOnly
|
||||
SecAuditLog "$ENV{AUDIT_LOG}"
|
||||
SecAction "phase:1,pass,auditlog"
|
||||
SecAction "phase:1,pass,auditlog,id:500010"
|
||||
),
|
||||
match_log => {
|
||||
error => [ qr/ModSecurity: Warning\. Unconditional match in SecAction\./, 1 ],
|
||||
@@ -130,7 +130,7 @@
|
||||
SecAuditLogRelevantStatus xxx
|
||||
SecAuditEngine RelevantOnly
|
||||
SecAuditLog "$ENV{AUDIT_LOG}"
|
||||
SecAction "phase:1,pass,noauditlog"
|
||||
SecAction "phase:1,pass,noauditlog,id:500011"
|
||||
),
|
||||
match_log => {
|
||||
error => [ qr/ModSecurity: Warning\. Unconditional match in SecAction\./, 1 ],
|
||||
@@ -155,7 +155,7 @@
|
||||
SecAuditLogRelevantStatus xxx
|
||||
SecAuditEngine RelevantOnly
|
||||
SecAuditLog "$ENV{AUDIT_LOG}"
|
||||
SecAction "phase:1,deny,status:403,auditlog"
|
||||
SecAction "phase:1,deny,status:403,auditlog,id:500012"
|
||||
),
|
||||
match_log => {
|
||||
error => [ qr/ModSecurity: Access denied with code 403 \(phase 1\)\. Unconditional match in SecAction\./, 1 ],
|
||||
@@ -178,7 +178,7 @@
|
||||
SecAuditLogRelevantStatus xxx
|
||||
SecAuditEngine RelevantOnly
|
||||
SecAuditLog "$ENV{AUDIT_LOG}"
|
||||
SecAction "phase:1,deny,status:403,noauditlog"
|
||||
SecAction "phase:1,deny,status:403,noauditlog,id:500013"
|
||||
),
|
||||
match_log => {
|
||||
error => [ qr/ModSecurity: Access denied with code 403 \(phase 1\)\. Unconditional match in SecAction\./, 1 ],
|
||||
@@ -203,7 +203,7 @@
|
||||
SecAuditLogRelevantStatus xxx
|
||||
SecAuditEngine RelevantOnly
|
||||
SecAuditLog "$ENV{AUDIT_LOG}"
|
||||
SecAction "phase:1,pass,log,auditlog"
|
||||
SecAction "phase:1,pass,log,auditlog,id:500014"
|
||||
),
|
||||
match_log => {
|
||||
error => [ qr/ModSecurity: Warning\. Unconditional match in SecAction\./, 1 ],
|
||||
@@ -226,7 +226,7 @@
|
||||
SecAuditLogRelevantStatus xxx
|
||||
SecAuditEngine RelevantOnly
|
||||
SecAuditLog "$ENV{AUDIT_LOG}"
|
||||
SecAction "phase:1,pass,log,noauditlog"
|
||||
SecAction "phase:1,pass,log,noauditlog,id:500015"
|
||||
),
|
||||
match_log => {
|
||||
error => [ qr/ModSecurity: Warning\. Unconditional match in SecAction\./, 1 ],
|
||||
@@ -249,7 +249,7 @@
|
||||
SecAuditLogRelevantStatus xxx
|
||||
SecAuditEngine RelevantOnly
|
||||
SecAuditLog "$ENV{AUDIT_LOG}"
|
||||
SecAction "phase:1,pass,nolog,auditlog"
|
||||
SecAction "phase:1,pass,nolog,auditlog,id:500016"
|
||||
),
|
||||
match_log => {
|
||||
audit => [ qr/-H--\s+Message: .*Stopwatch: /s, 1 ],
|
||||
@@ -271,7 +271,7 @@
|
||||
SecAuditLogRelevantStatus xxx
|
||||
SecAuditEngine RelevantOnly
|
||||
SecAuditLog "$ENV{AUDIT_LOG}"
|
||||
SecAction "phase:1,pass,nolog,noauditlog"
|
||||
SecAction "phase:1,pass,nolog,noauditlog,id:500017"
|
||||
),
|
||||
match_log => {
|
||||
-error => [ qr/ModSecurity: /, 1 ],
|
||||
@@ -294,7 +294,7 @@
|
||||
SecAuditLogRelevantStatus xxx
|
||||
SecAuditEngine RelevantOnly
|
||||
SecAuditLog "$ENV{AUDIT_LOG}"
|
||||
SecAction "phase:1,pass,auditlog,log"
|
||||
SecAction "phase:1,pass,auditlog,log,id:500018"
|
||||
),
|
||||
match_log => {
|
||||
error => [ qr/ModSecurity: Warning\. Unconditional match in SecAction\./, 1 ],
|
||||
@@ -317,7 +317,7 @@
|
||||
SecAuditLogRelevantStatus xxx
|
||||
SecAuditEngine RelevantOnly
|
||||
SecAuditLog "$ENV{AUDIT_LOG}"
|
||||
SecAction "phase:1,pass,auditlog,nolog"
|
||||
SecAction "phase:1,pass,auditlog,nolog,id:500019"
|
||||
),
|
||||
match_log => {
|
||||
-error => [ qr/ModSecurity: /, 1 ],
|
||||
@@ -340,7 +340,7 @@
|
||||
SecAuditLogRelevantStatus xxx
|
||||
SecAuditEngine RelevantOnly
|
||||
SecAuditLog "$ENV{AUDIT_LOG}"
|
||||
SecAction "phase:1,pass,noauditlog,log"
|
||||
SecAction "phase:1,pass,noauditlog,log,id:500020"
|
||||
),
|
||||
match_log => {
|
||||
error => [ qr/ModSecurity: Warning\. Unconditional match in SecAction\./, 1 ],
|
||||
@@ -363,7 +363,7 @@
|
||||
SecAuditLogRelevantStatus xxx
|
||||
SecAuditEngine RelevantOnly
|
||||
SecAuditLog "$ENV{AUDIT_LOG}"
|
||||
SecAction "phase:1,pass,noauditlog,nolog"
|
||||
SecAction "phase:1,pass,noauditlog,nolog,id:500021"
|
||||
),
|
||||
match_log => {
|
||||
-error => [ qr/ModSecurity: /, 1 ],
|
||||
@@ -388,7 +388,7 @@
|
||||
SecAuditLogRelevantStatus xxx
|
||||
SecAuditEngine RelevantOnly
|
||||
SecAuditLog "$ENV{AUDIT_LOG}"
|
||||
SecAction "phase:1,deny,status:403,log,auditlog"
|
||||
SecAction "phase:1,deny,status:403,log,auditlog,id:500022"
|
||||
),
|
||||
match_log => {
|
||||
error => [ qr/ModSecurity: Access denied with code 403 \(phase 1\)\. Unconditional match in SecAction\./, 1 ],
|
||||
@@ -411,7 +411,7 @@
|
||||
SecAuditLogRelevantStatus xxx
|
||||
SecAuditEngine RelevantOnly
|
||||
SecAuditLog "$ENV{AUDIT_LOG}"
|
||||
SecAction "phase:1,deny,status:403,log,noauditlog"
|
||||
SecAction "phase:1,deny,status:403,log,noauditlog,id:500023"
|
||||
),
|
||||
match_log => {
|
||||
error => [ qr/ModSecurity: Access denied with code 403 \(phase 1\)\. Unconditional match in SecAction\./, 1 ],
|
||||
@@ -434,7 +434,7 @@
|
||||
SecAuditLogRelevantStatus xxx
|
||||
SecAuditEngine RelevantOnly
|
||||
SecAuditLog "$ENV{AUDIT_LOG}"
|
||||
SecAction "phase:1,deny,status:403,nolog,auditlog"
|
||||
SecAction "phase:1,deny,status:403,nolog,auditlog,id:500024"
|
||||
),
|
||||
match_log => {
|
||||
audit => [ qr/-H--\s+Message: .*Stopwatch: /s, 1 ],
|
||||
@@ -457,7 +457,7 @@
|
||||
SecAuditLogRelevantStatus xxx
|
||||
SecAuditEngine RelevantOnly
|
||||
SecAuditLog "$ENV{AUDIT_LOG}"
|
||||
SecAction "phase:1,deny,status:403,nolog,noauditlog"
|
||||
SecAction "phase:1,deny,status:403,nolog,noauditlog,id:500025"
|
||||
),
|
||||
match_log => {
|
||||
-error => [ qr/ModSecurity: /, 1 ],
|
||||
@@ -480,7 +480,7 @@
|
||||
SecAuditLogRelevantStatus xxx
|
||||
SecAuditEngine RelevantOnly
|
||||
SecAuditLog "$ENV{AUDIT_LOG}"
|
||||
SecAction "phase:1,deny,status:403,auditlog,log"
|
||||
SecAction "phase:1,deny,status:403,auditlog,log,id:500026"
|
||||
),
|
||||
match_log => {
|
||||
error => [ qr/ModSecurity: Access denied with code 403 \(phase 1\)\. Unconditional match in SecAction\./, 1 ],
|
||||
@@ -503,7 +503,7 @@
|
||||
SecAuditLogRelevantStatus xxx
|
||||
SecAuditEngine RelevantOnly
|
||||
SecAuditLog "$ENV{AUDIT_LOG}"
|
||||
SecAction "phase:1,deny,status:403,auditlog,nolog"
|
||||
SecAction "phase:1,deny,status:403,auditlog,nolog,id:500027"
|
||||
),
|
||||
match_log => {
|
||||
-error => [ qr/ModSecurity: /, 1 ],
|
||||
@@ -526,7 +526,7 @@
|
||||
SecAuditLogRelevantStatus xxx
|
||||
SecAuditEngine RelevantOnly
|
||||
SecAuditLog "$ENV{AUDIT_LOG}"
|
||||
SecAction "phase:1,deny,status:403,noauditlog,log"
|
||||
SecAction "phase:1,deny,status:403,noauditlog,log,id:500028"
|
||||
),
|
||||
match_log => {
|
||||
error => [ qr/ModSecurity: Access denied with code 403 \(phase 1\)\. Unconditional match in SecAction\./, 1 ],
|
||||
@@ -549,7 +549,7 @@
|
||||
SecAuditLogRelevantStatus xxx
|
||||
SecAuditEngine RelevantOnly
|
||||
SecAuditLog "$ENV{AUDIT_LOG}"
|
||||
SecAction "phase:1,deny,status:403,noauditlog,nolog"
|
||||
SecAction "phase:1,deny,status:403,noauditlog,nolog,id:500029"
|
||||
),
|
||||
match_log => {
|
||||
-error => [ qr/ModSecurity: /, 1 ],
|
||||
|
||||
Reference in New Issue
Block a user