github_mirrors/ModSecurity
3
0
Fork 1
mirror of https://github.com/owasp-modsecurity/ModSecurity.git synced 2025-08-15 23:55:03 +03:00
Code Issues Packages Projects Releases Wiki Activity
1,492 Commits 55 Branches 109 Tags
Commit Graph

110 Commits

Author SHA1 Message Date
Felipe Zimmerle
b9fdc4fe3b Adds support to suspicious and whitelist to Read and Write limits 
The operators @ipMatch, @ipMatchF and @ipMatchFromFile were
added to the functions: SecReadStateLimit and SecReadStateLimit,
by using them it is possible to declare a suspicious list. When
a suspicious list is given, the {Read|Write}StateLimit will be
applied just to the IPs that belongs to that restricted list.
Note that the negative of those operators (e.g. !@ipMatch) can be
used to place a whitelist. The {Read|Write}StateLimit
restrictions will not be applied to those in the whitelist.
This current version the Sec{Read|Write}StateLimit can be used
varios times to add elements to both lists, however, the
last informed limit will be applied for the entire group. This
feature is experimental, and suggestions on how to improve it
are very welcome. For further discussion use the issue: #353.
 2014-03-31 16:22:10 -07:00
Felipe Zimmerle
e131e2222d Adds support to status engine on IIS version 
Fixes on the windows versions: build, mac address and machine name retrieval
 2014-03-31 07:14:55 -07:00
Felipe Zimmerle
f86a71f7a7 Adds SecStatusEngine On/Off switch 
Add the possibility to turn the Status Engine On or Off using the
directive SecStatusEngine [On/Off]. By default it is On.
 2014-03-31 07:14:55 -07:00
David Andrews
27dd513ab6 Flip allocations that happen during initialization (typically) over to use non-global apr memory pools. 2014-03-03 08:00:53 -08:00
Felipe Zimmerle
31d7fc6d38 Code cosmetics: Place copy_rules in nice shape. 
Continuation of kukackajiri's work to provide fixes for errors pointed by
Parfait. The function copy_rules had an integer as return code but it was not
filed proper neither checked by its callers. This commit just adds sanity
checks and documentation for the copy_rules function. Marking were placed
on the copy_rules callers, but the return code is not handled yet.
For kukackajiri's work, see merge request: #612
 2014-03-03 04:27:29 -08:00
Felipe Zimmerle
227de9fb8a Reverts commit b1cbccdc6b18a0f3a4edda8a5dfa9f6621485e81 
This belongs to a specific branch as long as it is not stable yet.
 2013-12-18 15:05:01 -08:00
ivanr
b1cbccdc6b Added new directive (SecPdfProtectMethod) to enable the user to choose between using token redirection (falling back on forced download in some cases) and forced download (in all cases). 2013-12-17 07:14:25 -08:00
Breno Silva
bebb45f3bb SecUnicodeMapFile now accepts the code page. SecUnicodeCodePage is deprecated 2013-06-16 01:28:16 -07:00
Breno Silva
cd31b39ce1 Removed SecDefineRemoteAddr and fixed Apache 2.4 mod_remoteip integration 2013-05-06 00:49:07 -04:00
Breno Silva
6cd3a14db1 MODSEC-362 2013-04-22 13:36:13 -04:00
Breno Silva
aa18ec7f45 Updated copyright dates 2013-04-19 03:20:46 -04:00
Breno Silva
3da87da15d Fixed: typo 2013-04-06 15:03:20 -04:00
Breno Silva
a5c1492049 [MODSEC-386] Added error msg for update target by id function 2013-03-19 06:19:01 -04:00
Breno Silva
d4d80b38aa Added SecXmlExternalEntity 2013-03-04 16:54:20 -04:00
Breno Silva
bc65c3e40f MODSEC-58 2013-03-03 21:13:07 -04:00
Breno Silva
5fefb6a2cf MODSEC-58 2013-03-01 07:58:12 -04:00
Breno Silva
9725e71f06 ModSecurity: improving duplicate ID search 2013-01-31 10:22:37 -04:00
Breno Silva
eabc39ad83 Added SecCookieV0Separator 2013-01-26 18:45:34 -04:00
Breno Silva
eb41bd44f8 Change names of HMAC feature to HASH 2012-10-30 18:21:01 -04:00
Breno Silva
53d422e9de Change names of HMAC feature to HASH 2012-10-30 18:02:22 -04:00
brenosilva
919e3f5e29 Reverted SecCookiev0Separator 2012-10-03 17:33:37 +00:00
brenosilva
aee22ea461 MODSEC-261 2012-10-03 13:49:00 +00:00
brenosilva
4460061d2f Fix return msgs 2012-08-02 22:13:11 +00:00
brenosilva
3a05349e0a Fix setting key len for child conf 2012-06-22 12:58:46 +00:00
brenosilva
4ab785c192 Fix PRNG code and windows compilation errors 2012-06-15 19:27:59 +00:00
brenosilva
d88a24da1f fix rsub input parsing and add maturity, ver and accuracy actions 2012-06-04 15:29:51 +00:00
brenosilva
866cb6d6b4 Update trunk for 2.7 2012-05-10 23:18:39 +00:00
brenosilva
76e909c5a9 Rename collection timeout diretive 2011-12-07 11:41:21 +00:00
brenosilva
d4079971c6 MODSEC-160 2011-10-14 13:32:30 +00:00
brenosilva
6c89afcf7d MODSEC-211 2011-07-11 21:09:28 +00:00
brenosilva
06dd5907b6 Build and code fixes 2011-06-14 15:01:17 +00:00
brenosilva
f595919107 Implement unicode map 2011-06-02 19:11:04 +00:00
brenosilva
c8d2921051 Renaming GSB functions 2011-05-31 01:37:44 +00:00
brenosilva
5eaa1a7345 Added SecWriteStateLimit for slow post DoS 2011-05-05 17:01:57 +00:00
brenosilva
ba651304d6 Fix make test 2011-04-12 14:22:36 +00:00
brenosilva
30da07b59b MODSEC-37 2011-04-12 13:49:07 +00:00
brenosilva
7635bd5f1a Improvements in detection only 2011-04-07 19:04:13 +00:00
brenosilva
b8828ad3f1 Improvements in detection only 2011-04-05 17:22:02 +00:00
brenosilva
104f0de46e New License 2011-03-30 14:12:44 +00:00
brenosilva
1a2d377e34 MODSEC-178 2011-03-28 18:47:58 +00:00
brenosilva
49732256f6 Improvements, fixes and new features 2011-03-25 13:51:13 +00:00
brenosilva
9380fdbdde Rename gsb db directive 2011-03-15 21:31:08 +00:00
brenosilva
69551d2d09 Add Google safe browsing lookup 2011-03-15 20:49:10 +00:00
brenosilva
5464f300ef Renaming opt and args of SecRequestProcessPartial(on,off) to SecRequestBodyLimitAction(ProcessPartial,Reject) 2011-03-02 20:51:29 +00:00
brenosilva
c4100a1848 rename Stream options to SecStream 2011-03-02 16:48:56 +00:00
brenosilva
d170dd4ebe MODSEC-57 2011-02-24 15:03:50 +00:00
brenosilva
7f52d86e4b Include data edition, sanitizematched and few fixes 2011-02-14 12:49:55 +00:00
brenosilva
86cc9d6e31 Request process partial under detectiononly 2010-12-23 16:06:45 +00:00
brenosilva
1260d2b097 MODSEC-104 2010-12-23 12:27:57 +00:00
brenosilva
60a1725d04 MODSEC-12 2010-12-16 15:38:30 +00:00