Update core rules to 1.6.0-rc3.

brectanus
2008-02-11 22:55:49 +00:00
parent 731ac3321b
commit de115fc4e2
15 changed files with 374 additions and 237 deletions

@@ -1,5 +1,5 @@
# ---------------------------------------------------------------
# Core ModSecurity Rule Set ver.1.5.1
# Core ModSecurity Rule Set ver.1.6.0-rc3
# Copyright (C) 2006-2007 Breach Security Inc. All rights reserved.
#
# The ModSecuirty Core Rule Set is distributed under GPL version 2
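Review bot: the header is touched for the version bump, but the copyright line still reads "2006-2007" on a 2008 commit and the licence line still spells the product "ModSecuirty". Both can be corrected in the same edit as the version string.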
@@ -95,12 +95,12 @@ SecResponseBodyLimit 524288
# If, after monitoring the performance of the rule set after a
# sufficient period, you determine the rules never (or rarely
# trigger on legitimate requests) you can change to something
# else, such as "log,deny,status:500". You can also leave the
# else, such as "log,deny,status:403". You can also leave the
# default setting here as is, but use per rule action configuration
# to only configure some rules to reject requests, leaving most
# of them to work in detection mode.
#
#SecDefaultAction "phase:2,log,pass,status:500"
#SecDefaultAction "phase:2,log,deny,status:403,t:lowercase,t:replaceNulls,t:compressWhitespace"
# Set web server identification string
#
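Review bot: the replacement for the commented-out SecDefaultAction switches `pass` to `deny`, while the comment directly above it still talks about leaving the default as is and keeping most rules in detection mode. Anyone who uncomments the new line gets blocking for every rule that inherits it, so either keep `pass` in the sample or reword the comment to say the sample is the blocking configuration. The added `t:lowercase,t:replaceNulls,t:compressWhitespace` also deserve a comment line, since as default transformations they change what each inheriting rule matches against.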
@@ -108,9 +108,14 @@ SecResponseBodyLimit 524288
# instead of the detailed Apache default signature that list most modules
# used on the specific Apache deployment:
# "Apache/2.2.0 (Fedora)"
#
# For this directive to work, you need to set Apache ServerTokens
# to Full (this is the default option)
SecServerSignature "Apache/2.2.0 (Fedora)"
# Add ruleset identity to the logs
#
SecComponentSignature "core ruleset/1.6.0-rc3"
## -- File uploads configuration -----------------------------------------------
# Temporary file storage path.
#
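Review bot: `SecComponentSignature "core ruleset/1.6.0-rc3"` hardcodes the same version string that the file header carries, so the two now have to be bumped together on every release and can drift. A comment next to the directive pointing at the header (or the reverse) would make that visible. The new ServerTokens note is useful, but "this is the default option" should say whose default, Apache's or the distribution's, since the masking silently stops working when ServerTokens is reduced.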
@@ -147,7 +152,7 @@ SecUploadKeepFiles Off
## -- Logging ----------------------------------------------------------------
# Whether to log requests to the forensic log.
# Whether to log requests to the ModSecurity audit log.
#
# By default, only requests that trigger a ModSecurity events (as detected
# by) or a serer error are logged ("RelevantOnly"). This is a reasonable
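Review bot: the reworded first comment line is fine, but the two lines right below it are left with "a ModSecurity events (as detected by)", which trails off without naming what detects them, and "serer error". Since the paragraph is being edited anyway, complete the parenthesis and fix the typos in the same change.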
@@ -165,7 +170,7 @@ SecUploadKeepFiles Off
# to "^(?:5|4\d[^4])".
#
SecAuditEngine RelevantOnly
SecAuditLogRelevantStatus "^[45]"
SecAuditLogRelevantStatus "^(?:5|4(?!04))"
# Log files structure
#
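Review bot: the new value `^(?:5|4(?!04))` does not match the pattern the comment above recommends, `^(?:5|4\d[^4])`. The comment's pattern skips every 4xx status ending in 4, while the directive now skips only 404, so a reader following the comment gets different audit coverage than the shipped setting. Update the comment to quote the new expression and state that the intent is to keep 404s out of the audit log.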
@@ -209,7 +214,7 @@ SecAuditLog logs/modsec_audit.log
# if you don't want to have (often large) files stored in your audit logs.
# Z - final boundary, signifies the end of the entry (mandatory)
SecAuditLogParts "ABIFHZ"
SecAuditLogParts "ABIFHKZ"
# Create a separate log to monitor performance.
#
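Review bot: `SecAuditLogParts` gains `K`, but the visible part of the legend above it ends at `Z` and this hunk adds no description for the new letter. Add a `K` entry to the legend (the list of rules that matched, in match order) and note that it grows each audit entry, in the same way the legend already warns about large parts.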
@@ -293,7 +298,3 @@ SecDataDir /tmp
# Configures the directory where temporary files will be created.
SecTmpDir /tmp
# Loades the variable collection relating to the requested resource
# NOTE: We will not initiate a collection if there was an error (To prevent overloading)
SecRule RESPONSE_STATUS "!^(?:30[12]|[45]\d\d)$" "phase:3,pass,nolog,initcol:resource=%{REQUEST_FILENAME}"
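Review bot: the phase:3 rule with `initcol:resource=%{REQUEST_FILENAME}` is dropped from the end of this file and nothing in the visible hunks replaces it. The commit message does not say whether it moved; if any rule in the set still reads or sets `resource.*` variables, it will run without an initialized collection and fail quietly. Confirm the initcol now lives in one of the other changed files, or mention its removal in the commit message along with the rules that depended on it.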