| <IfModule mod_security2.c> |
| |
| SecRuleEngine On |
| SecRequestBodyAccess On |
| SecRule REQUEST_HEADERS:Content-Type "text/xml" \ |
| "id:'200000',phase:1,t:none,t:lowercase,pass,nolog,ctl:requestBodyProcessor=XML" |
| SecRequestBodyLimit 13107200 |
| SecRequestBodyNoFilesLimit 131072 |
| SecRequestBodyInMemoryLimit 131072 |
| SecRequestBodyLimitAction Reject |
| SecRule REQBODY_ERROR "!@eq 0" \ |
| "id:'200001', phase:2,t:none,log,deny,status:400,msg:'Failed to parse request body.',logdata:'%{reqbody_error_msg}',severity:2" |
| SecRule MULTIPART_STRICT_ERROR "!@eq 0" \ |
| "id:'200002',phase:2,t:none,log,deny,status:400,msg:'Multipart request body \ |
| failed strict validation: \ |
| PE %{REQBODY_PROCESSOR_ERROR}, \ |
| BQ %{MULTIPART_BOUNDARY_QUOTED}, \ |
| BW %{MULTIPART_BOUNDARY_WHITESPACE}, \ |
| DB %{MULTIPART_DATA_BEFORE}, \ |
| DA %{MULTIPART_DATA_AFTER}, \ |
| HF %{MULTIPART_HEADER_FOLDING}, \ |
| LF %{MULTIPART_LF_LINE}, \ |
| SM %{MULTIPART_MISSING_SEMICOLON}, \ |
| IQ %{MULTIPART_INVALID_QUOTING}, \ |
| IP %{MULTIPART_INVALID_PART}, \ |
| IH %{MULTIPART_INVALID_HEADER_FOLDING}, \ |
| FL %{MULTIPART_FILE_LIMIT_EXCEEDED}'" |
| |
| SecRule MULTIPART_UNMATCHED_BOUNDARY "!@eq 0" \ |
| "id:'200003',phase:2,t:none,log,deny,status:44,msg:'Multipart parser detected a possible unmatched boundary.'" |
| |
| SecPcreMatchLimit 1000 |
| SecPcreMatchLimitRecursion 1000 |
| |
| SecRule TX:/^MSC_/ "!@streq 0" \ |
| "id:'200004',phase:2,t:none,deny,msg:'ModSecurity internal error flagged: %{MATCHED_VAR_NAME}'" |
| |
| SecResponseBodyAccess Off |
| SecDebugLog $sec_logdir/modsec_debug.log |
| SecDebugLogLevel 0 |
| SecAuditEngine RelevantOnly |
| SecAuditLogRelevantStatus "^(?:5|4(?!04))" |
| SecAuditLogParts ABIJDEFHZ |
| SecAuditLogType Serial |
| SecAuditLog $sec_logdir/modsec_audit.log |
| SecArgumentSeparator & |
| SecCookieFormat 0 |
| SecTmpDir $sec_statedir |
| SecDataDir $sec_statedir |
| |
| |
| Include modsecurity.d/*.conf |
| Include modsecurity.d/activated_rules/*.conf |
| Include modsecurity.d/local_rules/*.conf |
| |
| </IfModule> |
| |