vasco/FSI
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

kys18

Browse Source
This commit is contained in:
vasco
2026-06-02 23:57:15 +01:00
parent bc450ebbb3
commit 30a9483402
1 changed files with 3 additions and 3 deletions
Download Patch File Download Diff File Expand all files Collapse all files

6
conf/modsecurity.conf
View File

@@ -16,9 +16,9 @@ SecRule ARGS "(?i)\b(select|insert|update|delete|drop|union|grant|alter|truncate
"id:950002,phase:2,deny,status:403,msg:'SQL Injection: Keyword',log,t:urlDecode,t:lowercase"
# sql3 (teste)
SecRule ARGS|ARGS_NAMES|REQUEST_COOKIES|REQUEST_COOKIES_NAMES|REQUEST_HEADERS|XML:/*|JSON:/* \
"(?i)(select\s|insert\s|update\s|delete\s|drop\s|union\s|--|#|/\*|\*/|'|\"|%27|%22|<script>|<|>|%3C|%3E|exec\s|system\s|/etc/passwd|\.\./|%00)" \
"id:950100,phase:2,deny,status:403,msg:'SQL',log,t:urlDecode,t:lowercase"
# SecRule ARGS|ARGS_NAMES|REQUEST_COOKIES|REQUEST_COOKIES_NAMES|REQUEST_HEADERS|XML\
# "(?i)(select\s|insert\s|update\s|delete\s|drop\s|union\s|--|#|/\*|\*/|'|\")"\
# "id:950100,phase:2,deny,status:403,msg:'SQL',log,t:urlDecode,t:lowercase"
# xss / html injection
SecRule REQUEST_URI|ARGS "(<.*>)|(%3C.*%3E)" \