From c528f4844bd5b9ec73e437a5dd5a4d1d90c6ee8a Mon Sep 17 00:00:00 2001
From: vasco <vasco@vascoalves.xyz>
Date: Sun, 31 May 2026 15:24:32 +0100
Subject: [PATCH] fixed 3 (for real this time)

---
 conf/modsecurity.conf | 15 ++++++++++-----
 1 file changed, 10 insertions(+), 5 deletions(-)

diff --git a/conf/modsecurity.conf b/conf/modsecurity.conf
index 0dc20ea..9e557c1 100644
--- a/conf/modsecurity.conf
+++ b/conf/modsecurity.conf
@@ -8,16 +8,21 @@ SecAuditLogType Serial
 #SecAuditLog /var/log/modsecurity/audit.log
 
 # SQL Injection protection
-SecRule ARGS "(?i)(union(\s+all)?\s+select|select\s+.*\s+from|insert\s+into|update\s+.*\s+set|delete\s+from|drop\s+table|or\s+1=1|--|#|/\*|\*/|\bexec\b|\bexecute\b)" "id:'950001',phase:2,deny,status:403,msg:'SQL Injection Attack Detected',log"
+SecRule ARGS "(?i)(union(\s+all)?\s+select|select\s+.*\s+from|insert\s+into|update\s+.*\s+set|delete\s+from|drop\s+table|or\s+1=1|--|#|/\*|\*/|\bexec\b|\bexecute\b)" \
+    "id:950001,phase:2,deny,status:403,msg:'SQL Injection Attack Detected',log"
 
 # XSS / HTML Injection protection
-SecRule ARGS "(?i)<script|javascript:|on\\w+=|<img|<svg|<iframe|<object|<embed|<form|<input|%3c|%3e|%22|%27|%60" "id:'950003',phase:2,deny,status:403,msg:'XSS/HTML Injection Detected',log"
+SecRule ARGS "(?i)(<script|javascript:|on\w+=|<img|<svg|<iframe|<object|<embed|<form|<input|%3c|%3e|%22|%27|%60)" \
+    "id:950003,phase:2,deny,status:403,msg:'XSS/HTML Injection Detected',log"
 
 # Remote File Inclusion protection
-SecRule ARGS "(?i)(https?|ftp)://" "id:'950005',phase:2,deny,status:403,msg:'Remote File Inclusion Attempt',log"
+SecRule ARGS "(?i)(https?|ftp)://" \
+    "id:950005,phase:2,deny,status:403,msg:'Remote File Inclusion Attempt',log"
 
 # Command Injection protection
-SecRule ARGS "(?i)(;|&&|\|\||\$\(|\`|\bexec\b|\bcmd\b|\bsystem\b)" "id:'950006',phase:2,deny,status:403,msg:'Command Injection Detected',log"
+SecRule ARGS "(?i)(;|&&|\|\||\$\(|\`|\bexec\b|\bcmd\b|\bsystem\b)" \
+    "id:950006,phase:2,deny,status:403,msg:'Command Injection Detected',log"
 
 # Path Traversal protection
-SecRule ARGS "(\../|\..\\)" "id:'950007',phase:2,deny,status:403,msg:'Path Traversal Attempt',log"
\ No newline at end of file
+SecRule ARGS "(\./|\.\./)" \
+    "id:950007,phase:2,deny,status:403,msg:'Path Traversal Attempt',log"
\ No newline at end of file