daily pastebin goal
57%
SHARE
TWEET

Untitled

a guest Jun 10th, 2014 265 Never
Not a member of Pastebin yet? Sign Up, it unlocks many cool features!
  1. SecRuleEngine On
  2. SecRequestBodyAccess On
  3. SecRule REQUEST_HEADERS:Content-Type "text/xml" \
  4.      "id:'200000',phase:1,t:none,t:lowercase,pass,nolog,ctl:requestBodyProcessor=XML"
  5. SecRequestBodyLimit 1048576000
  6. SecRequestBodyNoFilesLimit 73400320
  7. SecRequestBodyInMemoryLimit 1048576
  8. SecRequestBodyLimitAction Reject
  9. SecPcreMatchLimit 500000
  10. SecPcreMatchLimitRecursion 500000
  11. SecRule TX:/^MSC_/ "!@streq 0" \
  12.         "id:'200004',phase:2,t:none,deny,msg:'ModSecurity internal error flagged: %{MATCHED_VAR_NAME}'"
  13. SecResponseBodyAccess On
  14. SecResponseBodyMimeType text/plain text/html text/xml
  15. SecResponseBodyLimit 1048576
  16. SecResponseBodyLimitAction ProcessPartial
  17. SecTmpDir "C:\inetpub\temp\modsec\"
  18. SecDataDir "C:\inetpub\temp\modsec\"
  19. SecUploadDir "C:\inetpub\temp\modsec\"
  20. SecUploadKeepFiles RelevantOnly
  21. SecUploadFileMode 0640
  22. SecAuditEngine On
  23. SecStatusEngine On
  24. SecAuditLogParts ABIJKEFHZ
  25. SecAuditLogType Serial
  26. SecAuditLog "| C:\Windows\System32\inetsrv\mlogc.exe C:\Windows\System32\inetsrv\mlogc.conf"
  27. SecAuditLogStorageDir "C:\inetpub\logs\audit"
  28. SecArgumentSeparator &
  29. SecCookieFormat 0
  30. SecDefaultAction "phase:2,log,deny,status:403"
  31.  
  32. SecRule REQUEST_BODY "(?:/etc/passwd|/etc/shadow|/proc/self/environ|uname -a|uname -r)"
  33. "phase:2,t:none,t:lowercase,log,deny,id:'99001',msg:'Custom Rules - Command execution attack'"
RAW Paste Data
We use cookies for various purposes including analytics. By continuing to use Pastebin, you agree to our use of cookies as described in the Cookies Policy. OK, I Understand
 
Top