Pastebin launched a little side project called VERYVIRAL.com, check it out ;-) Want more features on Pastebin? Sign Up, it's FREE!
Guest

Untitled

By: a guest on Jun 10th, 2014  |  syntax: None  |  size: 1.33 KB  |  views: 237  |  expires: Never
download  |  raw  |  embed  |  report abuse  |  print
Text below is selected. Please press Ctrl+C to copy to your clipboard. (⌘+C on Mac)
  1. SecRuleEngine On
  2. SecRequestBodyAccess On
  3. SecRule REQUEST_HEADERS:Content-Type "text/xml" \
  4.      "id:'200000',phase:1,t:none,t:lowercase,pass,nolog,ctl:requestBodyProcessor=XML"
  5. SecRequestBodyLimit 1048576000
  6. SecRequestBodyNoFilesLimit 73400320
  7. SecRequestBodyInMemoryLimit 1048576
  8. SecRequestBodyLimitAction Reject
  9. SecPcreMatchLimit 500000
  10. SecPcreMatchLimitRecursion 500000
  11. SecRule TX:/^MSC_/ "!@streq 0" \
  12.         "id:'200004',phase:2,t:none,deny,msg:'ModSecurity internal error flagged: %{MATCHED_VAR_NAME}'"
  13. SecResponseBodyAccess On
  14. SecResponseBodyMimeType text/plain text/html text/xml
  15. SecResponseBodyLimit 1048576
  16. SecResponseBodyLimitAction ProcessPartial
  17. SecTmpDir "C:\inetpub\temp\modsec\"
  18. SecDataDir "C:\inetpub\temp\modsec\"
  19. SecUploadDir "C:\inetpub\temp\modsec\"
  20. SecUploadKeepFiles RelevantOnly
  21. SecUploadFileMode 0640
  22. SecAuditEngine On
  23. SecStatusEngine On
  24. SecAuditLogParts ABIJKEFHZ
  25. SecAuditLogType Serial
  26. SecAuditLog "| C:\Windows\System32\inetsrv\mlogc.exe C:\Windows\System32\inetsrv\mlogc.conf"
  27. SecAuditLogStorageDir "C:\inetpub\logs\audit"
  28. SecArgumentSeparator &
  29. SecCookieFormat 0
  30. SecDefaultAction "phase:2,log,deny,status:403"
  31.  
  32. SecRule REQUEST_BODY "(?:/etc/passwd|/etc/shadow|/proc/self/environ|uname -a|uname -r)"
  33. "phase:2,t:none,t:lowercase,log,deny,id:'99001',msg:'Custom Rules - Command execution attack'"