File tree Expand file tree Collapse file tree 2 files changed +2
-38
lines changed
Expand file tree Collapse file tree 2 files changed +2
-38
lines changed Original file line number Diff line number Diff line change 125125 <name >XSS attack</name >
126126 <ruleSetAction >log,deny,status:403,msg:'XSS attack'</ruleSetAction >
127127 <enabled >1</enabled >
128- <ruleSet >SecFilterSelective ARGS " (alert|expression|eval|url)[[:space:]]*\("
129- SecFilterSelective ARGS " (& \{.+\}|(& #[[0-9a-fA-F]]|\x5cx[0-9a-fA-F]){2})"
130-
131- SecFilterSelective ARGS " ((javascript|vbscript):|style[[:space:]]*=)"
132- SecFilterSelective ARGS " (fromCharCode|http-equiv|< .+> |innerHTML|dynsrc|--> )"
133- SecFilterSelective ARGS " document\.(body|cookie|location|write)"
134-
135- SecFilterSelective ARGS_VALUES " jsessionid|phpsessid|onReadyStateChange|xmlHttp"
136-
137- SecFilterSelective ARGS "< (applet|div|embed|iframe|img|meta|object|script|textarea)"
138-
139- # JavaScript event handlers
140- SecFilterSelective ARGS " on(Abort|Blur|Click|DblClick|DragDrop|Error|Focus|KeyUp|KeyDown|KeyPrerss|Load|Mouse(Down|Out|Over|Up)|Move|Reset|Resize|Select|Submit|Unload)" </ruleSet >
128+ <ruleSet ></ruleSet >
141129 </censorshipRuleSet >
142130 <censorshipRuleSet >
143131 <name >SQL injection</name >
Original file line number Diff line number Diff line change 125125 <name >XSS attack</name >
126126 <ruleSetAction >log,deny,status:403,msg:'XSS attack'</ruleSetAction >
127127 <enabled >1</enabled >
128- <ruleSet >SecFilterSelective ARGS " (alert|expression|eval|url)[[:space:]]*\("
129- SecFilterSelective ARGS " (& \{.+\}|(& #[[0-9a-fA-F]]|\x5cx[0-9a-fA-F]){2})"
130-
131- SecFilterSelective ARGS " ((javascript|vbscript):|style[[:space:]]*=)"
132- SecFilterSelective ARGS " (fromCharCode|http-equiv|< .+> |innerHTML|dynsrc|--> )"
133- SecFilterSelective ARGS " document\.(body|cookie|location|write)"
134-
135- SecFilterSelective ARGS_VALUES " jsessionid|phpsessid|onReadyStateChange|xmlHttp"
136-
137- SecFilterSelective ARGS "< (applet|div|embed|iframe|img|meta|object|script|textarea)"
138-
139- # JavaScript event handlers
140- SecFilterSelective ARGS " on(Abort|Blur|Click|DblClick|DragDrop|Error|Focus|KeyUp|KeyDown|KeyPrerss|Load|Mouse(Down|Out|Over|Up)|Move|Reset|Resize|Select|Submit|Unload)" </ruleSet >
141- </censorshipRuleSet >
142- <censorshipRuleSet >
143- <name >SQL injection</name >
144- <ruleSetAction >log,pass,msg:'SQL Injection attack'</ruleSetAction >
145- <enabled >1</enabled >
146- <ruleSet >#SQL generic
147- SecFilterSelective ARGS " drop[[:space:]]+(database|table|column|procedure)"
148- SecFilterSelective ARGS " delete[[:space:]]+from|create[[:space:]]+table|update.+set.+=|insert[[:space:]]+into.+values"
149- SecFilterSelective ARGS " select.+from|bulk[[:space:]]+insert|union.+select|alter[[:space:]]+table"
150- SecFilterSelective ARGS " or.+1[[:space:]]*=[[:space:]]1|or 1=1--'|'.+--"
151-
152- SecFilterSelective ARGS " into[[:space:]]+outfile|load[[:space:]]+data|/\*.+\*/" </ruleSet >
128+ <ruleSet ></ruleSet >
153129 </censorshipRuleSet >
154130 <accessDenyDir >
155131 <dir >/</dir >
You can’t perform that action at this time.
0 commit comments