Commit e90874a

Ulisses Albuquerque authored and Felipe Zimmerle committed

Added sample JSON content-type rule

1 parent c23097c, commit e90874a

1 file changed: +10 -4 lines changed

‎modsecurity.conf-recommended‎

@@ -22,6 +22,12 @@ SecRequestBodyAccess On
2222
SecRule REQUEST_HEADERS:Content-Type "text/xml" \
2323
"id:'200000',phase:1,t:none,t:lowercase,pass,nolog,ctl:requestBodyProcessor=XML"
2424

25+
# Enable JSON request body parser.
26+
# Initiate JSON Processor in case of JSON content-type; change accordingly
27+
# if your application does not use 'application/json'
28+
#
29+
SecRule REQUEST_HEADERS:Content-Type "application/json" \
30+
"id:'200001',phase:1,t:none,t:lowercase,pass,nolog,ctl:requestBodyProcessor=JSON"
2531

2632
# Maximum request body size we will accept for buffering. If you support
2733
# file uploads then the value given on the first line has to be as large
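
Review bot: the added rule takes id:'200001', which the REQBODY_ERROR rule further down carried before this commit, so any local SecRuleRemoveById or SecRuleUpdateActionById directive written against 200001 would now act on the rule that switches the JSON parser on instead of on the parse-failure deny rule. Giving the new rule the next unused id and leaving the existing ids untouched avoids that. The comment could also state that the pattern has no explicit operator, so it is a regular-expression match anywhere in the lowercased Content-Type value, and that JSON sent under any other media type is not handed to the JSON processor.
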
@@ -51,15 +57,15 @@ SecRequestBodyLimitAction Reject
5157
# or log a high-severity alert (when deployed in detection-only mode).
5258
#
5359
SecRule REQBODY_ERROR "!@eq 0" \
54-
"id:'200001', phase:2,t:none,log,deny,status:400,msg:'Failed to parse request body.',logdata:'%{reqbody_error_msg}',severity:2"
60+
"id:'200002', phase:2,t:none,log,deny,status:400,msg:'Failed to parse request body.',logdata:'%{reqbody_error_msg}',severity:2"
5561

5662
# By default be strict with what we accept in the multipart/form-data
5763
# request body. If the rule below proves to be too strict for your
5864
# environment consider changing it to detection-only. You are encouraged
5965
# _not_ to remove it altogether.
6066
#
6167
SecRule MULTIPART_STRICT_ERROR "!@eq 0" \
62-
"id:'200002',phase:2,t:none,log,deny,status:400, \
68+
"id:'200003',phase:2,t:none,log,deny,status:400, \
6369
msg:'Multipart request body failed strict validation: \
6470
PE %{REQBODY_PROCESSOR_ERROR}, \
6571
BQ %{MULTIPART_BOUNDARY_QUOTED}, \
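
Review bot: on the REQBODY_ERROR rule (now id:'200002'), the comment block above it should mention JSON, because once the phase 1 rule selects the JSON processor a body that fails JSON parsing is reported through REQBODY_ERROR and this rule answers it with deny,status:400. Deployments that enable the JSON rule for an application with lenient clients may want to run in detection-only mode first and watch for 'Failed to parse request body.' entries before enforcing.
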
@@ -77,7 +83,7 @@ FL %{MULTIPART_FILE_LIMIT_EXCEEDED}'"
7783
# Did we see anything that might be a boundary?
7884
#
7985
SecRule MULTIPART_UNMATCHED_BOUNDARY "!@eq 0" \
80-
"id:'200003',phase:2,t:none,log,deny,msg:'Multipart parser detected a possible unmatched boundary.'"
86+
"id:'200004',phase:2,t:none,log,deny,msg:'Multipart parser detected a possible unmatched boundary.'"
8187

8288
# PCRE Tuning
8389
# We want to avoid a potential RegEx DoS condition
@@ -91,7 +97,7 @@ SecPcreMatchLimitRecursion 1000
9197
# MSC_PCRE_LIMITS_EXCEEDED: PCRE match limits were exceeded.
9298
#
9399
SecRule TX:/^MSC_/ "!@streq 0" \
94-
"id:'200004',phase:2,t:none,deny,msg:'ModSecurity internal error flagged: %{MATCHED_VAR_NAME}'"
100+
"id:'200005',phase:2,t:none,deny,msg:'ModSecurity internal error flagged: %{MATCHED_VAR_NAME}'"
95101

96102

97103
# -- Response body handling --------------------------------------------------
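
Review bot: this is the fourth existing rule whose id changes (200004 to 200005 here), yet the commit message names only the added JSON rule. If the renumbering stays, say so in the commit message or changelog, since rule ids are what audit log searches and alert filters key on, and entries recorded before and after this change will carry different ids for the same rule.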
