当前位置: 文江博客话题详情

modsecurity:SecRule REQUEST_METHOD“!^OPTIONS$” “t:无”

发布于 2024-12-09 22:44:14 字数 1275 浏览 1 评论 0原文

Modsecurity 问题...

下面的 REQUEST_METHOD 测试在做什么?它出现两次。

SecRule REQUEST_METHOD "!^OPTIONS$" "t:none"

SecRule &REQUEST_HEADERS:Accept "@eq 0" \
    "chain,phase:2,skip:1,t:none,deny,log,auditlog,status:400,msg:'Request Missing an Accept Header', severity:'2',id:'960015',tag:'PROTOCOL_VIOLATION/MISSING_HEADER'"
SecRule REQUEST_METHOD "!^OPTIONS$" "t:none"
SecRule REQUEST_HEADERS:Accept "^$" \
    "chain,phase:2,t:none,deny,log,auditlog,status:400,msg:'Request Missing an Accept Header', severity:'2',id:'960015',tag:'PROTOCOL_VIOLATION/MISSING_HEADER'"
SecRule REQUEST_METHOD "!^OPTIONS$" "t:none"
SecRule &REQUEST_HEADERS:User-Agent "@eq 0" \
    "skip:1,phase:2,t:none,deny,log,auditlog,status:400,msg:'Request Missing a User Agent Header',id:'960009',tag:'PROTOCOL_VIOLATION/MISSING_HEADER',severity:'4'"
SecRule REQUEST_HEADERS:User-Agent "^$" \
    "t:none,deny,log,auditlog,status:400,msg:'Request Missing a User Agent Header',id:'960009',tag:'PROTOCOL_VIOLATION/MISSING_HEADER',severity:'4'"
SecMarker 969999

请不要解释整个事情,我可以阅读其他所有内容。看起来 REQUEST_METHOD 测试是某种巫毒……

顺便说一句,Accept 测试是错误的。根据 HTTP,Accept 选项不是必需的。

原文

Modsecurity question...

What is the REQUEST_METHOD test doing in the following? It appears twice.

SecRule REQUEST_METHOD "!^OPTIONS$" "t:none"

SecRule &REQUEST_HEADERS:Accept "@eq 0" \
    "chain,phase:2,skip:1,t:none,deny,log,auditlog,status:400,msg:'Request Missing an Accept Header', severity:'2',id:'960015',tag:'PROTOCOL_VIOLATION/MISSING_HEADER'"
SecRule REQUEST_METHOD "!^OPTIONS$" "t:none"
SecRule REQUEST_HEADERS:Accept "^$" \
    "chain,phase:2,t:none,deny,log,auditlog,status:400,msg:'Request Missing an Accept Header', severity:'2',id:'960015',tag:'PROTOCOL_VIOLATION/MISSING_HEADER'"
SecRule REQUEST_METHOD "!^OPTIONS$" "t:none"
SecRule &REQUEST_HEADERS:User-Agent "@eq 0" \
    "skip:1,phase:2,t:none,deny,log,auditlog,status:400,msg:'Request Missing a User Agent Header',id:'960009',tag:'PROTOCOL_VIOLATION/MISSING_HEADER',severity:'4'"
SecRule REQUEST_HEADERS:User-Agent "^$" \
    "t:none,deny,log,auditlog,status:400,msg:'Request Missing a User Agent Header',id:'960009',tag:'PROTOCOL_VIOLATION/MISSING_HEADER',severity:'4'"
SecMarker 969999

Please, don't explain the whole thing, I can read everything else. It looks like the REQUEST_METHOD test, however, is some sort of voodoo...

BTW, the test of the Accept is wrong. The Accept option is not mandatory as per HTTP.

如果你对这篇内容有疑问,欢迎到本站社区发帖提问 参与讨论,获取更多帮助,或者扫码二维码加入 Web 技术交流群。

扫码二维码加入Web技术交流群

发布评论

需要 登录 才能够评论, 你可以免费 注册 一个本站的账号。

评论(1

东走西顾 2024-12-16 22:44:14

虽然规则 SecRule REQUEST_METHOD "!^OPTIONS$" "t:none" 出现了两次,但每次都与另一个规则链接。

链是 ModSecurity 中的一个操作,它将两个或多个规则组合成一个规则。

第一条规则现在是:

SecRule &REQUEST_HEADERS:Accept "@eq 0" \
   "chain,phase:2,skip:1,t:none,deny,log,auditlog,status:400,msg:'Request Missing an Accept Header', severity:'2',id:'960015',tag:'PROTOCOL_VIOLATION/MISSING_HEADER'"
SecRule REQUEST_METHOD "!^OPTIONS$" "t:none"

第二条规则现在是:

SecRule REQUEST_HEADERS:Accept "^$" \
    "chain,phase:2,t:none,deny,log,auditlog,status:400,msg:'Request Missing an Accept Header', severity:'2',id:'960015',tag:'PROTOCOL_VIOLATION/MISSING_HEADER'"
SecRule REQUEST_METHOD "!^OPTIONS$" "t:none"

Although the Rule SecRule REQUEST_METHOD "!^OPTIONS$" "t:none" appeared twice but each time it is chained with another rule.

Chain is an action in ModSecurity that combine two or more Rules to form a single Rule.

1st rule is now:

SecRule &REQUEST_HEADERS:Accept "@eq 0" \
   "chain,phase:2,skip:1,t:none,deny,log,auditlog,status:400,msg:'Request Missing an Accept Header', severity:'2',id:'960015',tag:'PROTOCOL_VIOLATION/MISSING_HEADER'"
SecRule REQUEST_METHOD "!^OPTIONS$" "t:none"

2nd rule is now:

SecRule REQUEST_HEADERS:Accept "^$" \
    "chain,phase:2,t:none,deny,log,auditlog,status:400,msg:'Request Missing an Accept Header', severity:'2',id:'960015',tag:'PROTOCOL_VIOLATION/MISSING_HEADER'"
SecRule REQUEST_METHOD "!^OPTIONS$" "t:none"
回复 原文
~没有更多了~

关于作者

瘫痪情歌

暂无简介

0 文章
0 评论
24 人气
发私信

相关话题

更多

热门标签

操作系统 程序设计 IT运维 Linux系统管理 JavaScript 服务器应用 solaris C/C++ PHP Shell BSD Vue.js aix Oracle Python HTML 系统管理 HTML5 CSS 前端
更多

推荐作者

已经忘了多久

文章 0 评论 0

15867725375

文章 0 评论 0

LonelySnow

文章 0 评论 0

走过海棠暮

文章 0 评论 0

轻许诺言

文章 0 评论 0

信馬由缰

文章 0 评论 0

更多

友情链接

文江博客
    我们使用 Cookies 和其他技术来定制您的体验包括您的登录状态等。通过阅读我们的 隐私政策 了解更多相关信息。 单击 接受 或继续使用网站,即表示您同意使用 Cookies 和您的相关数据。
    原文