ModSecurity-apache/t/conf/extra.conf.in at 40e6313b1cc9ed96c9be03a734d96d9b935bddd2 · owasp-modsecurity/ModSecurity-apache · GitHub

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61


CoreDumpDirectory /tmp/

Include @ServerRoot@/.././t/conf/modules.conf

LoadModule security3_module "@ServerRoot@/.././src/.libs/mod_security3.so"


# Lets make sure that the engine is on.
modsecurity_rules 'SecRuleEngine On'
modsecurity_rules 'SecDefaultAction "phase:2,log,auditlog,deny,status:403"'

# Debug logs
modsecurity_rules 'SecDebugLog @ServerRoot@/logs/debug_logs.txt'
modsecurity_rules 'SecDebugLogLevel 9'


<Directory "@ServerRoot@/htdocs/block-evil-1">
    modsecurity_rules 'SecRule REQUEST_URI "evil" "phase:1,id:111,log,status:403,block,deny"'
</Directory>

<Directory "@ServerRoot@/htdocs/block-evil-2">
    modsecurity_rules 'SecRule ARGS "evil" "phase:2,id:112,log,status:403,block,deny"'
</Directory>

<Directory "@ServerRoot@/htdocs/block-evil-3">
    modsecurity_rules 'SecRule ARGS "evil" "phase:3,id:113,log,status:403,block,deny"'
</Directory>

<Directory "@ServerRoot@/htdocs/block-evil-4">
    modsecurity_rules 'SecResponseBodyAccess On'
    modsecurity_rules 'SecRule ARGS "evil" "phase:4,id:114,log,status:403,block,deny"'
</Directory>

<Directory "@ServerRoot@/htdocs/block-evil-5">
    modsecurity_rules 'SecRule ARGS "evil" "phase:5,id:115,log,status:403,block,deny"'
</Directory>


<Location "/block-evil-1-loc">
    modsecurity_rules 'SecRule REQUEST_URI "evil" "phase:1,id:111,log,status:402,block,deny"'
</Location>

<Location "/block-evil-2-loc">
    modsecurity_rules 'SecRule ARGS "evil" "phase:2,id:112,log,status:402,block,deny"'
</Location>

<Location "/block-evil-3-loc">
    modsecurity_rules 'SecRule ARGS "evil" "phase:3,id:113,log,status:402,block,deny"'
</Location>

<Location "/block-evil-4-loc">
    modsecurity_rules 'SecResponseBodyAccess On'
    modsecurity_rules 'SecRule ARGS "evil" "phase:4,id:1134,log,status:402,block,deny"'
</Location>

<Location "/block-evil-5-loc">
    modsecurity_rules 'SecRule ARGS "evil" "phase:5,id:114,log,status:402,block,deny"'
</Location>