mirror of
https://github.com/fabriziosalmi/patterns.git
synced 2025-12-17 09:45:34 +00:00
34 lines
3.2 KiB
Plaintext
34 lines
3.2 KiB
Plaintext
# Apache ModSecurity rules for INITIALIZATION
|
|
SecRuleEngine On
|
|
|
|
SecRule REQUEST_URI "@eq 0" "id:1000,phase:1,deny,status:403,log,msg:'initialization attack detected'"
|
|
SecRule REQUEST_URI "@eq 0" "id:1000,phase:1,deny,status:403,log,msg:'initialization attack detected'"
|
|
SecRule REQUEST_URI "@eq 0" "id:1000,phase:1,deny,status:403,log,msg:'initialization attack detected'"
|
|
SecRule REQUEST_URI "@eq 0" "id:1000,phase:1,deny,status:403,log,msg:'initialization attack detected'"
|
|
SecRule REQUEST_URI "@eq 0" "id:1000,phase:1,deny,status:403,log,msg:'initialization attack detected'"
|
|
SecRule REQUEST_URI "@eq 0" "id:1000,phase:1,deny,status:403,log,msg:'initialization attack detected'"
|
|
SecRule REQUEST_URI "@eq 0" "id:1000,phase:1,deny,status:403,log,msg:'initialization attack detected'"
|
|
SecRule REQUEST_URI "@eq 0" "id:1000,phase:1,deny,status:403,log,msg:'initialization attack detected'"
|
|
SecRule REQUEST_URI "@eq 0" "id:1000,phase:1,deny,status:403,log,msg:'initialization attack detected'"
|
|
SecRule REQUEST_URI "@eq 0" "id:1000,phase:1,deny,status:403,log,msg:'initialization attack detected'"
|
|
SecRule REQUEST_URI "@eq 0" "id:1000,phase:1,deny,status:403,log,msg:'initialization attack detected'"
|
|
SecRule REQUEST_URI "@eq 0" "id:1000,phase:1,deny,status:403,log,msg:'initialization attack detected'"
|
|
SecRule REQUEST_URI "@eq 0" "id:1000,phase:1,deny,status:403,log,msg:'initialization attack detected'"
|
|
SecRule REQUEST_URI "@eq 0" "id:1000,phase:1,deny,status:403,log,msg:'initialization attack detected'"
|
|
SecRule REQUEST_URI "@eq 0" "id:1000,phase:1,deny,status:403,log,msg:'initialization attack detected'"
|
|
SecRule REQUEST_URI "@eq 0" "id:1000,phase:1,deny,status:403,log,msg:'initialization attack detected'"
|
|
SecRule REQUEST_URI "@eq 0" "id:1000,phase:1,deny,status:403,log,msg:'initialization attack detected'"
|
|
SecRule REQUEST_URI "@eq 0" "id:1000,phase:1,deny,status:403,log,msg:'initialization attack detected'"
|
|
SecRule REQUEST_URI "@eq 0" "id:1000,phase:1,deny,status:403,log,msg:'initialization attack detected'"
|
|
SecRule REQUEST_URI "@eq 0" "id:1000,phase:1,deny,status:403,log,msg:'initialization attack detected'"
|
|
SecRule REQUEST_URI "@eq 0" "id:1000,phase:1,deny,status:403,log,msg:'initialization attack detected'"
|
|
SecRule REQUEST_URI "@eq 1" "id:1000,phase:1,deny,status:403,log,msg:'initialization attack detected'"
|
|
SecRule REQUEST_URI "@rx ^.*$" "id:1000,phase:1,deny,status:403,log,msg:'initialization attack detected'"
|
|
SecRule REQUEST_URI "!@rx (?:URLENCODED|MULTIPART|XML|JSON)" "id:1000,phase:1,deny,status:403,log,msg:'initialization attack detected'"
|
|
SecRule REQUEST_URI "@eq 1" "id:1000,phase:1,deny,status:403,log,msg:'initialization attack detected'"
|
|
SecRule REQUEST_URI "!@rx (?:URLENCODED|MULTIPART|XML|JSON)" "id:1000,phase:1,deny,status:403,log,msg:'initialization attack detected'"
|
|
SecRule REQUEST_URI "@eq 100" "id:1000,phase:1,deny,status:403,log,msg:'initialization attack detected'"
|
|
SecRule REQUEST_URI "@rx ^[a-f]*([0-9])[a-f]*([0-9])" "id:1000,phase:1,deny,status:403,log,msg:'initialization attack detected'"
|
|
SecRule REQUEST_URI "!@lt %{tx.sampling_percentage}" "id:1000,phase:1,deny,status:403,log,msg:'initialization attack detected'"
|
|
SecRule REQUEST_URI "@lt %{tx.blocking_paranoia_level}" "id:1000,phase:1,deny,status:403,log,msg:'initialization attack detected'"
|