github_mirrors/ModSecurity
3
0
Fork 1
mirror of https://github.com/owasp-modsecurity/ModSecurity.git synced 2025-08-13 13:26:01 +03:00
Code Issues Packages Projects Releases Wiki Activity
3,627 Commits 55 Branches 109 Tags
Commit Graph

28 Commits

Author SHA1 Message Date
Ervin Hegedus
63201ae39f
chore: add 'log' action to rule 200005 2024-10-02 16:33:56 +02:00
Ervin Hegedus
d7ef620e8b
docs: Add info about modification 2024-02-22 14:04:49 +01:00
Ervin Hegedus
f850932f83
fix: Change 'SecEngineStatus' to Off by default 2024-02-22 14:03:04 +01:00
Martin Vierula
622eb9e6c8
Adjust parser activation rules in modsecurity.conf-recommended 2022-09-07 08:49:56 -07:00
Martin Vierula
7b696d8c57 Add SecArgumentsLimit to modsecurity.conf-recommended 2022-05-04 13:14:30 -07:00
Martin Vierula
0275c8847b
Add SecRequestBodyJsonDepthLimit to modsecurity.conf-recommended 2021-12-21 06:18:53 -08:00
martinhsv
bffd68e4d1
Add commented-out sample rule to engage JSON Processor for more subtypes 2021-06-30 11:38:52 -07:00
Rajesh Rajendran
a2be19d8e5 Fixing Typo 2020-05-21 14:34:10 -03:00
Felipe Zimmerle
9ada0a28c8
Changes the default configuration to mimic v2 behavior on multipart 
Further info on: #1747, #1924
 2018-11-01 18:04:23 -03:00
Ervin Hegedus
7def498c4c
Added some documentation for multipart boundary check 2018-06-18 18:53:44 -03:00
Andrei Belov
f6af42c235
Remove SecRequestBodyInMemoryLimit from configuration template 
It is no longer supported since 81879cd, so it would be better
to remove any mentions from configuration as well to avoid possible
confusions.
 2017-08-23 11:42:23 +03:00
Chaim Sanders
b58f713fe9
add support for soap+xml 
As was talked about by @emphazer in https://github.com/SpiderLabs/owasp-modsecurity-crs/pull/721, RFC 3902 adds support for the application/soap+xml header used by SOAP 1.2.
 2017-04-06 09:49:45 -03:00
Felipe Zimmerle
a4d8dfd5ee Adds ModSecurity recommended configuration file 2016-01-11 13:56:14 -03:00
Felipe Zimmerle
33cbe0452a Opens space for libmodsecurity 
Deletes all files in the repository does not seems to be a good idea.
The better approach will be to create a new repository. On other hand
we don't want this to be detached from this main repository. We can
push this to other repository if necessary.
 2015-06-26 14:00:07 -03:00
Ulisses Albuquerque
e90874a694 Added sample JSON content-type rule 2014-03-31 16:22:09 -07:00
Felipe Zimmerle
a6d93441c1 Places StatusEngine to be Off by default 
StatusEngine is now marked as Off by default. This patch also adds the
SecStatusEngine directive to our recommend configuration file.
 2014-03-31 07:14:55 -07:00
Torben Hansen
ab9aede2e5 Update status code for rule 200002 
Removed the non standard compliant HTTP response status code 44 and replaced it with a 400 response status code. Refs #665
 2014-02-25 15:44:40 +01:00
Felipe Zimmerle
537b85edf8 Changes SecUnicodeMapFile in recommend configuration 
The parameter was using a deprecated syntax, now it is fixed.
 2013-12-18 03:48:15 -08:00
Breno Silva
1f271fdcae Fixed: Rule 200003 returning default status 2013-05-03 10:37:16 -04:00
brenosilva
2403a1a549 Fix some strange breakline situation in apache24 2012-10-19 02:39:07 +00:00
brenosilva
6e107a8b12 Fix rule 200002 2012-10-15 13:28:37 +00:00
brenosilva
6335e5426c Added MULTIPART_INVALID_PART flag 2012-10-14 23:47:27 +00:00
brenosilva
0499f1444f Added unicode mapping directives to recommended file 2012-09-26 13:40:22 +00:00
brenosilva
57b80fedcc Added unicode mapping directives to recommended file 2012-09-26 13:38:37 +00:00
brenosilva
8ead49a9b7 Added id to recommended file rules 2012-06-06 16:55:36 +00:00
brenosilva
d3ad05e9c9 MODSEC-312 2012-06-01 20:16:06 +00:00
brenosilva
1341c49838 Remove log part K from default configuration 2011-05-25 17:56:07 +00:00
brenosilva
43e3ea65b7 update recommended configuration 2011-04-18 16:54:26 +00:00