the council

vasco
2026-06-03 11:39:05 +01:00
parent a6860e338d
commit ab3cbb9081


@@ -6,6 +6,7 @@ SecDebugLogLevel 0
SecAuditLogParts ABIJ SecAuditLogParts ABIJ
SecAuditLogType Serial SecAuditLogType Serial
SecAuditLog /var/log/modsecurity/audit.log SecAuditLog /var/log/modsecurity/audit.log
SecRequestBodyJsonParser On
# sql injection # sql injection
SecRule ARGS|REQUEST_BODY "['\"].*--" \ SecRule ARGS|REQUEST_BODY "['\"].*--" \
@@ -15,11 +16,6 @@ SecRule ARGS|REQUEST_BODY "['\"].*--" \
SecRule ARGS "(?i)\b(select|insert|update|delete|drop|union|grant|alter|truncate)\b" \ SecRule ARGS "(?i)\b(select|insert|update|delete|drop|union|grant|alter|truncate)\b" \
"id:950002,phase:2,deny,status:403,msg:'SQL Injection: Keyword',log,t:urlDecode,t:lowercase" "id:950002,phase:2,deny,status:403,msg:'SQL Injection: Keyword',log,t:urlDecode,t:lowercase"
# sql3 (teste)
# SecRule ARGS|ARGS_NAMES|REQUEST_COOKIES|REQUEST_COOKIES_NAMES|REQUEST_HEADERS|XML\
# "(?i)(select\s|insert\s|update\s|delete\s|drop\s|union\s|--|#|/\*|\*/|'|\")"\
# "id:950100,phase:2,deny,status:403,msg:'SQL',log,t:urlDecode,t:lowercase"
# xss / html injection # xss / html injection
SecRule REQUEST_URI|ARGS "(<.*>)|(%3C.*%3E)" \ SecRule REQUEST_URI|ARGS "(<.*>)|(%3C.*%3E)" \
"id:950003,phase:1,deny,status:403,msg:'XSS/HTML INJECTION DETECTED!!!',log" "id:950003,phase:1,deny,status:403,msg:'XSS/HTML INJECTION DETECTED!!!',log"
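Review bot: `SecRequestBodyJsonParser On`, added in the first hunk, does not match any ModSecurity directive I know of, so confirm it against the reference for the engine version in use; an unrecognised directive typically stops the configuration from loading. JSON bodies are normally handed to the JSON processor by a phase:1 rule, for example `SecRule REQUEST_HEADERS:Content-Type "application/json" "id:<UNUSED_ID>,phase:1,t:none,t:lowercase,pass,nolog,ctl:requestBodyProcessor=JSON"`, and that needs `SecRequestBodyAccess On`, which these hunks do not show. Separately, rule 950003 runs in `phase:1`, before the request body is read, so its ARGS match only sees query-string arguments; changing it to `phase:2` would let it inspect parsed body fields the way rule 950002 does. The first hunk ends partway through a rule and the file's earlier lines are not visible, so this is based on the lines shown.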