External/patterns
1
0
Fork 0
mirror of https://github.com/fabriziosalmi/patterns.git synced 2025-12-18 10:15:51 +00:00
Code Issues Packages Projects Releases Wiki Activity
patterns/waf_patterns/apache/initialization.conf

32 lines
3.0 KiB
Plaintext
Raw Normal View History

Automated update: OWASP CRS to Caddy and Nginx WAF rules [Sat Dec 21 00:35:03 UTC 2024]
2024-12-21 00:35:03 +00:00
# Apache ModSecurity rules for INITIALIZATION
SecRuleEngine On
Update: [Mon Jan 20 00:26:12 UTC 2025]
2025-01-20 00:26:12 +00:00
SecRule REQUEST_URI "@eq\ 0" "id:1235,phase:1,deny,status:403,log,msg:'initialization attack detected'"
SecRule REQUEST_URI "@eq\ 0" "id:1232,phase:1,deny,status:403,log,msg:'initialization attack detected'"
SecRule REQUEST_URI "@eq\ 0" "id:1238,phase:1,deny,status:403,log,msg:'initialization attack detected'"
SecRule REQUEST_URI "@eq\ 0" "id:1244,phase:1,deny,status:403,log,msg:'initialization attack detected'"
SecRule REQUEST_URI "@eq\ 0" "id:1241,phase:1,deny,status:403,log,msg:'initialization attack detected'"
SecRule REQUEST_URI "@eq\ 0" "id:1225,phase:1,deny,status:403,log,msg:'initialization attack detected'"
SecRule REQUEST_URI "@eq\ 0" "id:1228,phase:1,deny,status:403,log,msg:'initialization attack detected'"
SecRule REQUEST_URI "@eq\ 100" "id:1250,phase:1,deny,status:403,log,msg:'initialization attack detected'"
SecRule REQUEST_URI "@eq\ 0" "id:1231,phase:1,deny,status:403,log,msg:'initialization attack detected'"
SecRule REQUEST_URI "@eq\ 0" "id:1237,phase:1,deny,status:403,log,msg:'initialization attack detected'"
SecRule REQUEST_URI "@eq\ 0" "id:1234,phase:1,deny,status:403,log,msg:'initialization attack detected'"
SecRule REQUEST_URI "@eq\ 0" "id:1240,phase:1,deny,status:403,log,msg:'initialization attack detected'"
SecRule REQUEST_URI "@eq\ 0" "id:1243,phase:1,deny,status:403,log,msg:'initialization attack detected'"
SecRule REQUEST_URI "\^\.\*\$" "id:1246,phase:1,deny,status:403,log,msg:'initialization attack detected'"
SecRule REQUEST_URI "\^\[a\-f\]\*\(\[0\-9\]\)\[a\-f\]\*\(\[0\-9\]\)" "id:1251,phase:1,deny,status:403,log,msg:'initialization attack detected'"
SecRule REQUEST_URI "!@rx\ \(\?:URLENCODED\|MULTIPART\|XML\|JSON\)" "id:1247,phase:1,deny,status:403,log,msg:'initialization attack detected'"
SecRule REQUEST_URI "@eq\ 1" "id:1245,phase:1,deny,status:403,log,msg:'initialization attack detected'"
SecRule REQUEST_URI "@eq\ 0" "id:1224,phase:1,deny,status:403,log,msg:'initialization attack detected'"
SecRule REQUEST_URI "@eq\ 0" "id:1230,phase:1,deny,status:403,log,msg:'initialization attack detected'"
SecRule REQUEST_URI "@eq\ 1" "id:1248,phase:1,deny,status:403,log,msg:'initialization attack detected'"
SecRule REQUEST_URI "@eq\ 0" "id:1227,phase:1,deny,status:403,log,msg:'initialization attack detected'"
SecRule REQUEST_URI "@eq\ 0" "id:1233,phase:1,deny,status:403,log,msg:'initialization attack detected'"
SecRule REQUEST_URI "@eq\ 0" "id:1236,phase:1,deny,status:403,log,msg:'initialization attack detected'"
SecRule REQUEST_URI "@eq\ 0" "id:1242,phase:1,deny,status:403,log,msg:'initialization attack detected'"
SecRule REQUEST_URI "@eq\ 0" "id:1239,phase:1,deny,status:403,log,msg:'initialization attack detected'"
SecRule REQUEST_URI "!@rx\ \(\?:URLENCODED\|MULTIPART\|XML\|JSON\)" "id:1249,phase:1,deny,status:403,log,msg:'initialization attack detected'"
SecRule REQUEST_URI "@eq\ 0" "id:1226,phase:1,deny,status:403,log,msg:'initialization attack detected'"
SecRule REQUEST_URI "@eq\ 0" "id:1229,phase:1,deny,status:403,log,msg:'initialization attack detected'"
Reference in New Issue Copy Permalink