kys11

2026-06-02 22:49:55 +01:00
parent 1f6bb854c3
commit 361f34c19f
1 changed files with 3 additions and 3 deletions
--- a/conf/modsecurity.conf
+++ b/conf/modsecurity.conf
@@ -9,11 +9,11 @@ SecAuditLog /var/log/modsecurity/audit.log
 # sql injection
 SecRule REQUEST_URI|ARGS "['\";]|--" \
-    "id:950001,phase:2,deny,status:403,msg:'SQL Injection Attack Detected',log"
+    "id:950001,phase:1,deny,status:403,msg:'SQL Injection Attack Detected',log"
 # xss / html injection
-SecRule REQUEST_URI|ARGS "<.*>" \
+SecRule REQUEST_URI ARGS "<.*>" \
-    "id:950003,phase:2,deny,status:403,msg:'XSS/HTML Injection Detected',log"
+    "id:950003,phase:1,deny,status:403,msg:'XSS/HTML Injection Detected',log"
 # command injection
 SecRule ARGS "(\"role\".*:.*\"admin\")|exec|cat|more|ls|dir|/etc/passwd" \