vasco/FSI
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

kys10

Browse Source
This commit is contained in:
vasco
2026-06-02 22:44:16 +01:00
parent 05cbbfbe18
commit 1f6bb854c3
1 changed files with 2 additions and 2 deletions
Download Patch File Download Diff File Expand all files Collapse all files

4
conf/modsecurity.conf
View File

@@ -16,11 +16,11 @@ SecRule REQUEST_URI|ARGS "<.*>" \
"id:950003,phase:2,deny,status:403,msg:'XSS/HTML Injection Detected',log"
# command injection
SecRule REQUEST_URI|ARGS "(\"role\".*:.*\"admin\")|exec|cat|more|ls|dir|/etc/passwd" \
SecRule ARGS "(\"role\".*:.*\"admin\")|exec|cat|more|ls|dir|/etc/passwd" \
"id:950006,phase:2,deny,status:403,msg:'Command Injection Detected',log"
# path traversal
SecRule REQUEST_URI|ARGS "\%00|\%2500|(\./|\.\./)|ftp|metrics|api-docs" \
SecRule REQUEST_URI|ARGS "\%00|\%2500|\.\./|ftp|metrics|api-docs" \
"id:950007,phase:2,deny,status:403,msg:'Path traversal attempt',log"
# exposed stuff (redundante ?)