vasco/FSI
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
Files
51060422d15c48b3377d5165c92ad069346ca211
FSI/conf/modsecurity.conf
vasco e3d7b83059 mod security
2026-05-31 20:11:27 +01:00

24 lines
753 B
Plaintext
Raw Blame History

SecRuleEngine On
SecRequestBodyAccess On
SecResponseBodyAccess Off
SecDebugLog /var/log/modsecurity/debug.log
SecDebugLogLevel 0
SecAuditLogParts ABIJ
SecAuditLogType Serial
SecAuditLog /var/log/modsecurity/audit.log
# sql injection
SecRule ARGS "['\";]|--" \
"id:950001,phase:2,deny,status:403,msg:'SQL Injection Attack Detected',log"
# xss / html injection
SecRule ARGS "<.*>" \
"id:950003,phase:2,deny,status:403,msg:'XSS/HTML Injection Detected',log"
# command injection
SecRule ARGS "exec|cat|more|ls|dir|/etc/passwd" \
"id:950006,phase:2,deny,status:403,msg:'Command Injection Detected',log"
# path traversal
SecRule ARGS "(\./|\.\./)|ftp|metrics|api-docs" \
"id:950007,phase:2,deny,status:403,msg:'Path Traversal Attempt',log"
Reference in New Issue View Git Blame Copy Permalink