SHOW:
|
|
- or go back to the newest paste.
1 | Abdelmoughite Eljoaydi | |
2 | ||
3 | # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # | |
4 | # | |
5 | # SecRule REQUEST_COOKIES|REQUEST_COOKIES_NAMES|REQUEST_FILENAME| | |
6 | # ARGS_NAMES|ARGS|XML:/* "(?i:[ /+\t\"\'`]style[ /+\t]*?=.*?([:=]|(&[# | |
7 | # ()=]x?0*((58)|(3A)|(61)|(3D));?)).*?([(\\\\]|(&[#()=]x?0*((40)|(28)| | |
8 | # (92)|(5C));?)))" | |
9 | # "phase:2,rev:'2.2.5',id:'873314',capture,logdata:'%{TX.0}',t:none, | |
10 | # t:htmlEntityDecode,t:compressWhiteSpace,block,msg:'IE XSS Filters – | |
11 | # Attack Detected',setvar:'tx.msg=%{rule.msg}',setvar:tx.xss_score=+% | |
12 | # {tx.critical_anomaly_score},setvar:tx.anomaly_score=+% | |
13 | # {tx.critical_anomaly_score},setvar:tx.%{rule. | |
14 | # id}-WEB_ATTACK/XSS-%{matched_var_name}=%{tx.0}" | |
15 | # | |
16 | # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # | |
17 | # | |
18 | # SecRule REQUEST_COOKIES|REQUEST_COOKIES_NAMES|REQUEST_FILENAME| | |
19 | # "ARGS_NAMES|ARGS|XML:/* "(?i:<script[ /+\t].*?((type)|(codetype)|(cla | |
20 | # ssid)|(code)|(data))[ /+\t]*=)" | |
21 | # "phase:2,rev:'2.2.5',id:'873314',capture,logdata:'%{TX.0}',t:none, | |
22 | # t:htmlEntityDecode,t:compressWhiteSpace,block,msg:'IE XSS Filters – | |
23 | # Attack Detected',setvar:'tx.msg=%{rule.msg}', | |
24 | # setvar:tx.xss_score=+%{tx.critical_anomaly_score}, | |
25 | # setvar:tx.anomaly_score=+%{tx.critical_anomaly_score}, | |
26 | # setvar:tx.%{rule.id}-WEB_ATTACK/XSS-%{matched_var_name}=%{tx.0} |