External/patterns
1
0
Fork 0
mirror of https://github.com/fabriziosalmi/patterns.git synced 2025-12-18 10:15:51 +00:00
Code Issues Packages Projects Releases Wiki Activity
patterns/waf_patterns/apache/evaluation.conf

42 lines
3.9 KiB
Plaintext
Raw Normal View History

Automated update: OWASP CRS to Caddy and Nginx WAF rules [Sat Dec 21 00:35:03 UTC 2024]
2024-12-21 00:35:03 +00:00
# Apache ModSecurity rules for EVALUATION
SecRuleEngine On
Update: [Sun Feb 2 00:27:06 UTC 2025]
2025-02-02 00:27:06 +00:00
SecRule REQUEST_URI "@ge\ 3" "id:1101,phase:1,deny,status:403,log,msg:'evaluation attack detected'"
Update: [Sat Feb 1 00:27:37 UTC 2025]
2025-02-01 00:27:37 +00:00
SecRule REQUEST_URI "@ge\ 2" "id:1297,phase:1,deny,status:403,log,msg:'evaluation attack detected'"
Update: [Sun Feb 2 00:27:06 UTC 2025]
2025-02-02 00:27:06 +00:00
SecRule REQUEST_URI "@ge\ 4" "id:1102,phase:1,deny,status:403,log,msg:'evaluation attack detected'"
Update: [Sat Feb 1 00:27:37 UTC 2025]
2025-02-01 00:27:37 +00:00
SecRule REQUEST_URI "@ge\ 3" "id:1299,phase:1,deny,status:403,log,msg:'evaluation attack detected'"
Update: [Sun Feb 2 00:27:06 UTC 2025]
2025-02-02 00:27:06 +00:00
SecRule REQUEST_URI "@ge\ 1" "id:1097,phase:1,deny,status:403,log,msg:'evaluation attack detected'"
SecRule REQUEST_URI "@ge\ 4" "id:1111,phase:1,deny,status:403,log,msg:'evaluation attack detected'"
SecRule REQUEST_URI "@ge\ 4" "id:1300,phase:1,deny,status:403,log,msg:'evaluation attack detected'"
Update: [Sat Feb 1 00:27:37 UTC 2025]
2025-02-01 00:27:37 +00:00
SecRule REQUEST_URI "@ge\ 1" "id:1295,phase:1,deny,status:403,log,msg:'evaluation attack detected'"
Update: [Sun Feb 2 00:27:06 UTC 2025]
2025-02-02 00:27:06 +00:00
SecRule REQUEST_URI "@ge\ 4" "id:1309,phase:1,deny,status:403,log,msg:'evaluation attack detected'"
SecRule REQUEST_URI "@eq\ 1" "id:1113,phase:1,deny,status:403,log,msg:'evaluation attack detected'"
SecRule REQUEST_URI "@ge\ 2" "id:1098,phase:1,deny,status:403,log,msg:'evaluation attack detected'"
SecRule REQUEST_URI "@ge\ 2" "id:1107,phase:1,deny,status:403,log,msg:'evaluation attack detected'"
SecRule REQUEST_URI "@ge\ 3" "id:1100,phase:1,deny,status:403,log,msg:'evaluation attack detected'"
SecRule REQUEST_URI "@eq\ 1" "id:1311,phase:1,deny,status:403,log,msg:'evaluation attack detected'"
SecRule REQUEST_URI "@ge\ %\{tx\.inbound_anomaly_score_threshold\}" "id:1112,phase:1,deny,status:403,log,msg:'evaluation attack detected'"
SecRule REQUEST_URI "@ge\ 3" "id:1109,phase:1,deny,status:403,log,msg:'evaluation attack detected'"
SecRule REQUEST_URI "@ge\ %\{tx\.outbound_anomaly_score_threshold\}" "id:1310,phase:1,deny,status:403,log,msg:'evaluation attack detected'"
SecRule REQUEST_URI "@ge\ 3" "id:1298,phase:1,deny,status:403,log,msg:'evaluation attack detected'"
SecRule REQUEST_URI "@ge\ 2" "id:1296,phase:1,deny,status:403,log,msg:'evaluation attack detected'"
SecRule REQUEST_URI "@ge\ 1" "id:1096,phase:1,deny,status:403,log,msg:'evaluation attack detected'"
SecRule REQUEST_URI "@ge\ 2" "id:1305,phase:1,deny,status:403,log,msg:'evaluation attack detected'"
SecRule REQUEST_URI "@ge\ 4" "id:1110,phase:1,deny,status:403,log,msg:'evaluation attack detected'"
SecRule REQUEST_URI "@ge\ 1" "id:1105,phase:1,deny,status:403,log,msg:'evaluation attack detected'"
Update: [Sat Feb 1 00:27:37 UTC 2025]
2025-02-01 00:27:37 +00:00
SecRule REQUEST_URI "@ge\ 3" "id:1307,phase:1,deny,status:403,log,msg:'evaluation attack detected'"
Update: [Sun Feb 2 00:27:06 UTC 2025]
2025-02-02 00:27:06 +00:00
SecRule REQUEST_URI "@ge\ 4" "id:1308,phase:1,deny,status:403,log,msg:'evaluation attack detected'"
SecRule REQUEST_URI "@ge\ 1" "id:1294,phase:1,deny,status:403,log,msg:'evaluation attack detected'"
Update: [Sat Feb 1 00:27:37 UTC 2025]
2025-02-01 00:27:37 +00:00
SecRule REQUEST_URI "@ge\ 1" "id:1303,phase:1,deny,status:403,log,msg:'evaluation attack detected'"
Update: [Sun Feb 2 00:27:06 UTC 2025]
2025-02-02 00:27:06 +00:00
SecRule REQUEST_URI "@ge\ 2" "id:1106,phase:1,deny,status:403,log,msg:'evaluation attack detected'"
SecRule REQUEST_URI "@ge\ %\{tx\.inbound_anomaly_score_threshold\}" "id:1114,phase:1,deny,status:403,log,msg:'evaluation attack detected'"
SecRule REQUEST_URI "@ge\ %\{tx\.outbound_anomaly_score_threshold\}" "id:1312,phase:1,deny,status:403,log,msg:'evaluation attack detected'"
SecRule REQUEST_URI "@ge\ 3" "id:1108,phase:1,deny,status:403,log,msg:'evaluation attack detected'"
SecRule REQUEST_URI "@ge\ 2" "id:1304,phase:1,deny,status:403,log,msg:'evaluation attack detected'"
SecRule REQUEST_URI "@ge\ 4" "id:1103,phase:1,deny,status:403,log,msg:'evaluation attack detected'"
SecRule REQUEST_URI "@ge\ 3" "id:1306,phase:1,deny,status:403,log,msg:'evaluation attack detected'"
SecRule REQUEST_URI "@ge\ 1" "id:1104,phase:1,deny,status:403,log,msg:'evaluation attack detected'"
Update: [Sat Feb 1 00:27:37 UTC 2025]
2025-02-01 00:27:37 +00:00
SecRule REQUEST_URI "@ge\ 4" "id:1301,phase:1,deny,status:403,log,msg:'evaluation attack detected'"
Update: [Sun Feb 2 00:27:06 UTC 2025]
2025-02-02 00:27:06 +00:00
SecRule REQUEST_URI "@ge\ 1" "id:1302,phase:1,deny,status:403,log,msg:'evaluation attack detected'"
SecRule REQUEST_URI "@ge\ 2" "id:1099,phase:1,deny,status:403,log,msg:'evaluation attack detected'"
Reference in New Issue Copy Permalink