Advertisement
Not a member of Pastebin yet?
Sign Up,
it unlocks many cool features!
- Abdelmoughite Eljoaydi
- # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # #
- #
- # SecRule REQUEST_COOKIES|REQUEST_COOKIES_NAMES|REQUEST_FILENAME|
- # ARGS_NAMES|ARGS|XML:/* "(?i:[ /+\t\"\'`]style[ /+\t]*?=.*?([:=]|(&[#
- # ()=]x?0*((58)|(3A)|(61)|(3D));?)).*?([(\\\\]|(&[#()=]x?0*((40)|(28)|
- # (92)|(5C));?)))"
- # "phase:2,rev:'2.2.5',id:'873314',capture,logdata:'%{TX.0}',t:none,
- # t:htmlEntityDecode,t:compressWhiteSpace,block,msg:'IE XSS Filters –
- # Attack Detected',setvar:'tx.msg=%{rule.msg}',setvar:tx.xss_score=+%
- # {tx.critical_anomaly_score},setvar:tx.anomaly_score=+%
- # {tx.critical_anomaly_score},setvar:tx.%{rule.
- # id}-WEB_ATTACK/XSS-%{matched_var_name}=%{tx.0}"
- #
- # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # #
- #
- # SecRule REQUEST_COOKIES|REQUEST_COOKIES_NAMES|REQUEST_FILENAME|
- # "ARGS_NAMES|ARGS|XML:/* "(?i:<script[ /+\t].*?((type)|(codetype)|(cla
- # ssid)|(code)|(data))[ /+\t]*=)"
- # "phase:2,rev:'2.2.5',id:'873314',capture,logdata:'%{TX.0}',t:none,
- # t:htmlEntityDecode,t:compressWhiteSpace,block,msg:'IE XSS Filters –
- # Attack Detected',setvar:'tx.msg=%{rule.msg}',
- # setvar:tx.xss_score=+%{tx.critical_anomaly_score},
- # setvar:tx.anomaly_score=+%{tx.critical_anomaly_score},
- # setvar:tx.%{rule.id}-WEB_ATTACK/XSS-%{matched_var_name}=%{tx.0}
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement
