mirror of
https://github.com/owasp-modsecurity/ModSecurity.git
synced 2025-08-18 07:06:13 +03:00
Updated Reference Manual (mediawiki)
upwork.link
parent
f5183f5027
commit
245ba66272
@ -1498,7 +1498,7 @@ SecRule REQUEST_FILENAME|ARGS_NAMES|ARGS|XML:/* "[\;\|\`]\W*?\bmail\b" \
|
|||||||
|
|
||||||
SecRuleUpdateTargetById 958895 REQUEST_URI REQUEST_FILENAME
|
SecRuleUpdateTargetById 958895 REQUEST_URI REQUEST_FILENAME
|
||||||
</pre>
|
</pre>
|
||||||
The effective resulting rule in the previous example will append the target to the end of the variable list as follows:
|
The effective resulting rule in the previous example replaces the target in the begin of the variable list as follows:
|
||||||
<pre>
|
<pre>
|
||||||
SecRule REQUEST_URI|ARGS_NAMES|ARGS|XML:/* "[\;\|\`]\W*?\bmail\b" \
|
SecRule REQUEST_URI|ARGS_NAMES|ARGS|XML:/* "[\;\|\`]\W*?\bmail\b" \
|
||||||
"phase:2,rev:'2.1.1',capture,t:none,t:htmlEntityDecode,t:compressWhitespace,t:lowercase,ctl:auditLogParts=+E,block,msg:'System Command Injection',id:'958895',tag:'WEB_ATTACK/COMMAND_INJECTION',tag:'WASCTC/WASC-31',tag:'OWASP_TOP_10/A1',tag:'PCI/6.5.2',logdata:'%{TX.0}',severity:'2',setvar:'tx.msg=%{rule.msg}',setvar:tx.anomaly_score=+%{tx.critical_anomaly_score},setvar:tx.command_injection_score=+%{tx.critical_anomaly_score},setvar:tx.%{rule.id}-WEB_ATTACK/COMMAND_INJECTION-%{matched_var_name}=%
|
"phase:2,rev:'2.1.1',capture,t:none,t:htmlEntityDecode,t:compressWhitespace,t:lowercase,ctl:auditLogParts=+E,block,msg:'System Command Injection',id:'958895',tag:'WEB_ATTACK/COMMAND_INJECTION',tag:'WASCTC/WASC-31',tag:'OWASP_TOP_10/A1',tag:'PCI/6.5.2',logdata:'%{TX.0}',severity:'2',setvar:'tx.msg=%{rule.msg}',setvar:tx.anomaly_score=+%{tx.critical_anomaly_score},setvar:tx.command_injection_score=+%{tx.critical_anomaly_score},setvar:tx.%{rule.id}-WEB_ATTACK/COMMAND_INJECTION-%{matched_var_name}=%
|
||||||
|
|||||||
Loading…
x
Reference in New Issue
Block a user