We misunsderstood how modsecurity used the init rules
They do not modify files and are necessary for the core rules to function.
This commit is contained in:
parent
49aff3892c
commit
0e98f24f42
|
@ -39,19 +39,12 @@ SecTmpDir /tmp
|
||||||
# RULES
|
# RULES
|
||||||
#########
|
#########
|
||||||
|
|
||||||
# File name
|
|
||||||
SecRule REQUEST_FILENAME "modsecuritytest1" "id:1"
|
|
||||||
# Complete URI
|
|
||||||
SecRule REQUEST_URI "modsecuritytest2" "id:2"
|
|
||||||
SecRule REQUEST_FILENAME "(?:n(?:map|et|c)|w(?:guest|sh)|cmd(?:32)?|telnet|rcmd|ftp)\.exe" "id:3"
|
|
||||||
|
|
||||||
Include /usr/share/modsecurity-crs/owasp-crs.load
|
Include /usr/share/modsecurity-crs/owasp-crs.load
|
||||||
|
|
||||||
# Removed because it does not play well with apache-itk
|
|
||||||
SecRuleRemoveById "901000-901999"
|
|
||||||
|
|
||||||
# Removed because IP reputation based blocking is hard to predict
|
# Removed because it does not play well with apache-itk
|
||||||
# and reason about
|
# Can be removed when modsecurity 2.9.3 hits debian
|
||||||
|
# See https://github.com/SpiderLabs/ModSecurity/issues/712
|
||||||
SecRuleRemoveById "910000-910999"
|
SecRuleRemoveById "910000-910999"
|
||||||
|
|
||||||
</IfModule>
|
</IfModule>
|
||||||
|
|
Loading…
Reference in a new issue