github_mirrors/ModSecurity
3
0
Fork 1
mirror of https://github.com/owasp-modsecurity/ModSecurity.git synced 2026-01-16 08:27:10 +03:00
Code Issues Packages Projects Releases Wiki Activity

Updated Reference Manual (v3.x) (mediawiki)

martinhsv
2022-01-13 17:11:43 -05:00
parent aa600a1b5b
commit 5671a21a6f
1 changed files with 3 additions and 58 deletions
Download Patch File Download Diff File Expand all files Collapse all files

61
Reference-Manual-(v3.x).mediawiki

@@ -533,68 +533,13 @@ ModSecurity hash engine will append, if specified, the user's session id or remo
== SecHashParam == == SecHashParam ==
'''Description:''' Define the parameter name that will receive the MAC hash. '''Not supported in v3'''
'''Syntax:''' <code>SecHashParam TEXT</code>
'''Example Usage:''' <code>SecHashParam "hmac"</code>
'''Scope''': Any
'''Version:''' 2.7.1-2.9.x
'''Supported on libModSecurity:''' TBI
ModSecurity hash engine will add a new parameter to protected HTML elements containing the MAC hash.
== SecHashMethodRx == == SecHashMethodRx ==
'''Description:''' Configures what kind of HTML data the hash engine should sign based on regular expression. '''Not supported in v3'''
'''Syntax:''' <code>SecHashMethodRx TYPE REGEX</code>
'''Example Usage''': <code>SecHashMethodRx HashHref "product_info|list_product"</code>
'''Scope:''' Any
'''Version:''' 2.7.1-2.9.x
'''Supported on libModSecurity:''' TBI
As a initial support is possible to protect HREF, FRAME, IFRAME and FORM ACTION html elements as well response Location header when http redirect code are sent.
The possible values for TYPE are:
*'''HashHref''': Used to sign href= html elements
*'''HashFormAction''': Used to sign form action= html elements
*'''HashIframeSrc''': Used to sign iframe src= html elements
*'''HashframeSrc''': Used to sign frame src= html elements
*'''HashLocation''': Used to sign Location response header
; Note : This directive is used to sign the elements however user must use the @validateHash operator to enforce data integrity.
== SecHashMethodPm == == SecHashMethodPm ==
'''Description:''' Configures what kind of HTML data the hash engine should sign based on string search algoritm. '''Not supported in v3'''
'''Syntax:''' <code>SecHashMethodPm TYPE "string1 string2 string3..."</code>
'''Example Usage''': <code>SecHashMethodPm HashHref "product_info list_product"</code>
'''Scope:''' Any
'''Version:''' 2.7.1-2.9.x
'''Supported on libModSecurity:''' TBI
As a initial support is possible to protect HREF, FRAME, IFRAME and FORM ACTION html elements as well response Location header when http redirect code are sent.
The possible values for TYPE are:
*'''HashHref''': Used to sign href= html elements
*'''HashFormAction''': Used to sign form action= html elements
*'''HashIframeSrc''': Used to sign iframe src= html elements
*'''HashframeSrc''': Used to sign frame src= html elements
*'''HashLocation''': Used to sign Location response header
; Note : This directive is used to sign the elements however user must use the @validateHash operator to enforce data integrity.
== SecGeoLookupDb == == SecGeoLookupDb ==
'''Description''': Defines the path to the database that will be used for geolocation lookups. '''Description''': Defines the path to the database that will be used for geolocation lookups.