From 3960d1cb321a60c0bf774347e8bfd8d0c92bb01c Mon Sep 17 00:00:00 2001 From: Martin Vierula Date: Wed, 23 Nov 2022 17:17:39 -0800 Subject: [PATCH] Correct typo of INBOUND_DATA_ERROR --- Reference-Manual-(v2.x)-Configuration-Directives.mediawiki | 2 +- Reference-Manual-(v2.x).mediawiki | 2 +- Reference-Manual-(v3.x).mediawiki | 2 +- 3 files changed, 3 insertions(+), 3 deletions(-) diff --git a/Reference-Manual-(v2.x)-Configuration-Directives.mediawiki b/Reference-Manual-(v2.x)-Configuration-Directives.mediawiki index c8afe18..d6a3b65 100644 --- a/Reference-Manual-(v2.x)-Configuration-Directives.mediawiki +++ b/Reference-Manual-(v2.x)-Configuration-Directives.mediawiki @@ -923,7 +923,7 @@ Generally speaking, the default value is not small enough. For most applications By default, ModSecurity will reject a request body that is longer than specified. This is problematic especially when ModSecurity is being run in DetectionOnly mode and the intent is to be totally passive and not take any disruptive actions against the transaction. With the ability to choose what happens once a limit is reached, site administrators can choose to inspect only the first part of the request, the part that can fit into the desired limit, and let the rest through. This is not ideal from a possible evasion issue perspective, however it may be acceptable under certain circumstances. -; Note : When the SecRuleEngine is set to DetectionOnly, SecRequestBodyLimitAction is automatically set to ProcessPartial in order to not cause any disruptions. If you want to know if/when a request body size is over your limit, you can create a rule to check for the existence of the INBOUND_ERROR_DATA variable. +; Note : When the SecRuleEngine is set to DetectionOnly, SecRequestBodyLimitAction is automatically set to ProcessPartial in order to not cause any disruptions. If you want to know if/when a request body size is over your limit, you can create a rule to check for the existence of the INBOUND_DATA_ERROR variable. == SecResponseBodyLimit == '''Description:''' Configures the maximum response body size that will be accepted for buffering. diff --git a/Reference-Manual-(v2.x).mediawiki b/Reference-Manual-(v2.x).mediawiki index 308f967..c8998b9 100644 --- a/Reference-Manual-(v2.x).mediawiki +++ b/Reference-Manual-(v2.x).mediawiki @@ -1154,7 +1154,7 @@ Generally speaking, the default value is not small enough. For most applications By default, ModSecurity will reject a request body that is longer than specified. This is problematic especially when ModSecurity is being run in DetectionOnly mode and the intent is to be totally passive and not take any disruptive actions against the transaction. With the ability to choose what happens once a limit is reached, site administrators can choose to inspect only the first part of the request, the part that can fit into the desired limit, and let the rest through. This is not ideal from a possible evasion issue perspective, however it may be acceptable under certain circumstances. -; Note : When the SecRuleEngine is set to DetectionOnly, SecRequestBodyLimitAction is automatically set to ProcessPartial in order to not cause any disruptions. If you want to know if/when a request body size is over your limit, you can create a rule to check for the existence of the INBOUND_ERROR_DATA variable. +; Note : When the SecRuleEngine is set to DetectionOnly, SecRequestBodyLimitAction is automatically set to ProcessPartial in order to not cause any disruptions. If you want to know if/when a request body size is over your limit, you can create a rule to check for the existence of the INBOUND_DATA_ERROR variable. == SecResponseBodyLimit == '''Description:''' Configures the maximum response body size that will be accepted for buffering. diff --git a/Reference-Manual-(v3.x).mediawiki b/Reference-Manual-(v3.x).mediawiki index 494a55c..328bba9 100644 --- a/Reference-Manual-(v3.x).mediawiki +++ b/Reference-Manual-(v3.x).mediawiki @@ -592,7 +592,7 @@ Generally speaking, the default value is not small enough. For most applications By default, ModSecurity will reject a request body that is longer than specified. This is problematic especially when ModSecurity is being run in DetectionOnly mode and the intent is to be totally passive and not take any disruptive actions against the transaction. With the ability to choose what happens once a limit is reached, site administrators can choose to inspect only the first part of the request, the part that can fit into the desired limit, and let the rest through. This is not ideal from a possible evasion issue perspective, however it may be acceptable under certain circumstances. -; Note : When the SecRuleEngine is set to DetectionOnly, SecRequestBodyLimitAction is automatically set to ProcessPartial in order to not cause any disruptions. If you want to know if/when a request body size is over your limit, you can create a rule to check for the existence of the INBOUND_ERROR_DATA variable. +; Note : When the SecRuleEngine is set to DetectionOnly, SecRequestBodyLimitAction is automatically set to ProcessPartial in order to not cause any disruptions. If you want to know if/when a request body size is over your limit, you can create a rule to check for the existence of the INBOUND_DATA_ERROR variable. == SecResponseBodyLimit == '''Description:''' Configures the maximum response body size that will be accepted for buffering.