github_mirrors/ModSecurity
3
0
Fork 1
mirror of https://github.com/owasp-modsecurity/ModSecurity.git synced 2026-01-01 14:15:46 +03:00
Code Issues Packages Projects Releases Wiki Activity

Updated Reference Manual (mediawiki)

Chaim Sanders
2017-03-31 11:55:12 -04:00
parent 68d0af5348
commit 7c8b1e8136
1 changed files with 2 additions and 2 deletions
Download Patch File Download Diff File Expand all files Collapse all files

2
Reference-Manual.mediawiki

@@ -2673,7 +2673,7 @@ SecRule REQUEST_HEADERS:Authorization "^Basic ([a-zA-Z0-9]+=*)$" "phase:1,id:93,
SecRule TX:1 ^(\w+): t:base64Decode,capture,chain SecRule TX:1 ^(\w+): t:base64Decode,capture,chain
SecRule TX:1 ^(admin|root|backup)$ SecRule TX:1 ^(admin|root|backup)$
</pre> </pre>
; Note : Be careful when applying base64Decode with other transformations. The order of your transformation matters in this case as certain transformations may change or invalidate the base64 encoded string prior to being decoded (i.e t:uppercase, t:lowercase). This of course means that it is also very difficult to write a single rule that checks for a base64decoded value OR an unencoded value with transformations, it is best to write two rules in this situation. ; Note : Be careful when applying base64Decode with other transformations. The order of your transformation matters in this case as certain transformations may change or invalidate the base64 encoded string prior to being decoded (i.e t:lowercase, etc). This of course means that it is also very difficult to write a single rule that checks for a base64decoded value OR an unencoded value with transformations, it is best to write two rules in this situation.
== sqlHexDecode == == sqlHexDecode ==
Decode sql hex data. Example (0x414243) will be decoded to (ABC). Available as of 2.6.3 Decode sql hex data. Example (0x414243) will be decoded to (ABC). Available as of 2.6.3