kys6

relatorio/relatorio.listing

@@ -1 +1,15 @@
-<img src="x" onerror="alert(localStorage.getItem('token'))">apple
+# sql injection
+SecRule ARGS "['\";]|--" \
+    "id:950001,phase:2,deny,status:403,msg:'SQL Injection Attack Detected',log"
+
+# xss / html injection
+SecRule ARGS "<.*>" \
+    "id:950003,phase:2,deny,status:403,msg:'XSS/HTML Injection Detected',log"
+
+# command injection
+SecRule ARGS "exec|cat|more|ls|dir|/etc/passwd" \
+    "id:950006,phase:2,deny,status:403,msg:'Command Injection Detected',log"
+
+# path traversal
+SecRule ARGS "(\./|\.\./)|ftp|metrics|api-docs" \
+    "id:950007,phase:2,deny,status:403,msg:'Path Traversal Attempt',log"