github_mirrors/ModSecurity
3
0
Fork 1
mirror of https://github.com/owasp-modsecurity/ModSecurity.git synced 2025-11-16 01:22:18 +03:00
Code Issues Packages Projects Releases Wiki Activity

Updated Reference Manual (mediawiki)

Chaim Sanders
2016-04-25 16:42:40 -04:00
parent e804574c2e
commit 84f5eab4e4
1 changed files with 2 additions and 2 deletions
Download Patch File Download Diff File Expand all files Collapse all files

4
Reference-Manual.mediawiki

@@ -2305,13 +2305,13 @@ This variable can be used as either a collection of all of the request headers o
<code>SecRule REQUEST_HEADERS:Host "^[\d\.]+$" "deny,id:47,log,status:400,msg:'Host header is a numeric IP address'"</code>
; Note: ModSecurity will treat multiple headers that have identical names in accordance with how the webserver treats them. For Apache this means that they will all be concatenated into a single header with a comma as the deliminator.
== REQUEST_HEADERS_NAMES ==
This variable is a collection of the names of all of the request headers.
<code>SecRule REQUEST_HEADERS_NAMES "^x-forwarded-for" "log,deny,id:48,status:403,t:lowercase,msg:'Proxy Server Used'"</code>
; Note: ModSecurity will treat multiple headers that have identical names in accordance with how the webserver treats them. For Apache this means that they will all be concatenated into a single header with a comma as the deliminator.
== REQUEST_LINE ==
This variable holds the complete request line sent to the server (including the request method and HTTP version information).