mirror of
https://github.com/owasp-modsecurity/ModSecurity.git
synced 2025-08-13 21:36:00 +03:00
6421ff087a
ModSecurity version 3 is capable to handle disruptive actions in different rules from the chain. However, lets get it working in the same fashion that we have in version 2.
87 lines
1.9 KiB
JSON
87 lines
1.9 KiB
JSON
[
|
|
{
|
|
"enabled":1,
|
|
"version_min":300000,
|
|
"title":"Testing Variables :: MATCHED_VAR (1/2)",
|
|
"client":{
|
|
"ip":"200.249.12.31",
|
|
"port":123
|
|
},
|
|
"server":{
|
|
"ip":"200.249.12.31",
|
|
"port":80
|
|
},
|
|
"request":{
|
|
"headers":{
|
|
"Host":"localhost",
|
|
"User-Agent":"curl/7.38.0",
|
|
"Accept":"*/*"
|
|
},
|
|
"uri":"/?key=value&key=other_value",
|
|
"method":"GET"
|
|
},
|
|
"response":{
|
|
"headers":{
|
|
"Date":"Mon, 13 Jul 2015 20:02:41 GMT",
|
|
"Last-Modified":"Sun, 26 Oct 2014 22:33:37 GMT",
|
|
"Content-Type":"text/html"
|
|
},
|
|
"body":[
|
|
"no need."
|
|
]
|
|
},
|
|
"expected":{
|
|
"debug_log":"Target value: \"other_value\" \\(Variable: MATCHED_VAR\\)"
|
|
},
|
|
"rules":[
|
|
"SecRuleEngine On",
|
|
"SecRule ARGS:key \"@contains other_value\" \"chain,id:28,pass\"",
|
|
"SecRule MATCHED_VAR \"@contains asdf\" \"\""
|
|
]
|
|
},
|
|
{
|
|
"enabled":1,
|
|
"version_min":300000,
|
|
"title":"Testing Variables :: MATCHED_VAR (2/2)",
|
|
"client":{
|
|
"ip":"200.249.12.31",
|
|
"port":123
|
|
},
|
|
"server":{
|
|
"ip":"200.249.12.31",
|
|
"port":80
|
|
},
|
|
"request":{
|
|
"headers":{
|
|
"Host":"localhost",
|
|
"User-Agent":"curl/7.38.0",
|
|
"Accept":"*/*"
|
|
},
|
|
"uri":"/?key=value&key=other_value",
|
|
"method":"GET"
|
|
},
|
|
"response":{
|
|
"headers":{
|
|
"Date":"Mon, 13 Jul 2015 20:02:41 GMT",
|
|
"Last-Modified":"Sun, 26 Oct 2014 22:33:37 GMT",
|
|
"Content-Type":"text/html"
|
|
},
|
|
"body":[
|
|
"no need."
|
|
]
|
|
},
|
|
"expected":{
|
|
"debug_log":"Rule returned 0"
|
|
},
|
|
"rules":[
|
|
"SecRuleEngine On",
|
|
"SecRule ARGS:key \"@contains other_value\" \"chain,id:28,pass\"",
|
|
"SecRule MATCHED_VAR \"@contains Aasdf\" \"\"",
|
|
|
|
"SecRule MATCHED_VAR \"@contains other_value\" \"id:29,pass\"",
|
|
"SecRule MATCHED_VAR \"@contains other_value\" \"id:30,pass\""
|
|
]
|
|
}
|
|
]
|
|
|