From a9f9a59e398280db7f45a280f9489de85f6ebb49 Mon Sep 17 00:00:00 2001 From: Victor Hora Date: Tue, 6 Jun 2017 15:16:36 -0400 Subject: [PATCH] Adding statement regarding potential issues with file upload with SecStreamInBodyInspection by @bostrt (#1366) --- Reference-Manual.mediawiki | 8 +++++--- 1 file changed, 5 insertions(+), 3 deletions(-) diff --git a/Reference-Manual.mediawiki b/Reference-Manual.mediawiki index 0feeb78..416d45f 100644 --- a/Reference-Manual.mediawiki +++ b/Reference-Manual.mediawiki @@ -1707,6 +1707,8 @@ This feature enables the creation of the STREAM_INPUT_BODY variable and is usefu ; Note : This directive is NOT supported for libModSecurity (v3). Naturally, STREAM_INPUT_BODY is also NOT supported on libModSecurity. +; Note : This directive may significantly impact file upload times. The impact depends on server resources and the nature of operations being performed on the request bodies being streamed in. + == SecStreamOutBodyInspection == '''Description:''' Configures the ability to use stream inspection for outbound request data in a re-allocable buffer. For security reasons we are still buffering the stream. @@ -2587,9 +2589,9 @@ This variable holds the full status line sent by the server (including the reque SecRule STATUS_LINE "@contains 500" "phase:3,id:49,log,pass,logdata:'Application error detected!,t:none" -'''Version:''' 2.6.0-2.9.x +'''Version:''' 2.x -'''Supported on libModSecurity:''' No +'''Supported on libModSecurity:''' TBI == STREAM_INPUT_BODY == '''Version:''' 2.6.0-2.9.x 
@@ -4468,4 +4470,4 @@ While we will continue to enhance ModSecurity to deal with various evasion techn #The order in which parameters are taken from the request and the environment is EGPCS (environment, GET, POST, Cookies, built-in variables). This means that a POST parameter will overwrite the parameters transported on the request line (in QUERY_STRING). #When "magic_quotes_gpc" is set to "On" PHP will use backslash to escape the following characters: single quote, double quote, backslash, and the nul byte. #If "magic_quotes_sybase" is set to "On" only the single quote will be escaped using another single quote. In this case the "magic_quotes_gpc" setting becomes irrelevant. The "magic_quotes_sybase" setting completely overrides the "magic_quotes_gpc" behaviour but "magic_quotes_gpc" still must be set to "On" for the Sybase-specific quoting to be work. -#PHP will also automatically create nested arrays for you. For example "p[x][y]=1" results in a total of three variables. \ No newline at end of file +#PHP will also automatically create nested arrays for you. For example "p[x][y]=1" results in a total of three variables.
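Review bot: in the first hunk (@@ -1707, SecStreamInBodyInspection) the added note warns that file uploads may slow down but gives the reader nothing to act on. It names neither the cause nor whether the directive can be left off for upload-heavy locations. Add a clause on why streaming the body into STREAM_INPUT_BODY costs time on large uploads, and say what an administrator should check before enabling it. The wording can also be tightened: "the nature of operations being performed on the request bodies being streamed in" reads better as "the operations performed on the streamed request bodies".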
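Review bot: the second hunk (@@ -2587, STATUS_LINE) changes documentation that the commit subject does not mention, and both new values are less precise than the ones they replace. "2.6.0-2.9.x" becomes "2.x", which drops the lower bound while the STREAM_INPUT_BODY entry directly below keeps "2.6.0-2.9.x". "No" becomes "TBI", an abbreviation that is not expanded anywhere in the visible lines. Either move this change to its own commit with a message explaining it, or keep the explicit version range and spell out what "TBI" means. Separately, the example rule in the context line has an unclosed single quote in logdata:'Application error detected!,t:none" that is worth fixing while this entry is being edited.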
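Review bot: in the last hunk (@@ -4468) the context line about "magic_quotes_sybase" still ends with "for the Sybase-specific quoting to be work". The hunk already touches this list to add the end-of-file newline, so correct it to "to work" in the same change or in a follow-up. The newline fix is also unrelated to the commit subject and should be mentioned in the message.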