Re: [mod-security-users] limit get variable length?
From: Reindl H. <h.r...@th...> - 2013-03-30 14:56:06
On 30.03.2013 15:44, Ryan Barnett wrote:
> On Mar 30, 2013, at 10:37 AM, Reindl Harald <h.r...@th...> wrote:
>> has somebody a rule to limit the length of get-values to the
>> same 512 like suhosin to kiss this stupid bingbot goodbye
>> with a 400/403 instead of a 200 status-code?
>>
>> Mar 30 13:22:56 [8257] ALERT - configured GET variable value length limit exceeded - dropped variable 'pal_term'
>> (attacker '157.55.36.49', file '*******/index.php')
>> _____________________________
>>
>> ** snip **
>
> SecRule ARGS_GET "@gt 512" "t:length"

PERFECT - THANK YOU!

[Sat Mar 30 15:52:47.917028 2013] [:error] [pid 6895] [client 192.168.2.2] ModSecurity: Access denied with code 400 (phase 1). Operator GT matched 500 at ARGS_GET:term. [file "/etc/httpd/modsecurity.d/modsecurity_99_local_rules.conf"] [line "199"] [id "117"] [msg "argument exceeds 500 chars"] [hostname "www.rhsoft.net"] [uri "/show_content.php"] [unique_id "UVb8P8CoAgIAABrv5@AAAAAC"]

# 30.03.2013
SecRule ARGS_GET "@gt 500" "t:length,id:'117',capture,phase:1,block,msg:'argument exceeds 500 chars'"
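An added example, not part of the original message: once a length rule like id 117 is active, the "Access denied" entries it writes can be tallied per client and parameter to see which crawlers keep hitting it. The function names are hypothetical, and every sample line except the first (copied from the message above) is constructed.

```python
import re
from collections import Counter

# Line 1 is the log entry from the message above; lines 2-4 are constructed samples.
SAMPLE_LOG = """\
[Sat Mar 30 15:52:47.917028 2013] [:error] [pid 6895] [client 192.168.2.2] ModSecurity: Access denied with code 400 (phase 1). Operator GT matched 500 at ARGS_GET:term. [file "/etc/httpd/modsecurity.d/modsecurity_99_local_rules.conf"] [line "199"] [id "117"] [msg "argument exceeds 500 chars"] [hostname "www.rhsoft.net"] [uri "/show_content.php"] [unique_id "UVb8P8CoAgIAABrv5@AAAAAC"]
[Sat Mar 30 16:01:10.000001 2013] [:error] [pid 6901] [client 203.0.113.7] ModSecurity: Access denied with code 400 (phase 1). Operator GT matched 500 at ARGS_GET:pal_term. [file "/etc/httpd/modsecurity.d/modsecurity_99_local_rules.conf"] [line "199"] [id "117"] [msg "argument exceeds 500 chars"] [hostname "www.rhsoft.net"] [uri "/index.php"] [unique_id "CONSTRUCTED-0001"]
[Sat Mar 30 16:01:12.000002 2013] [:error] [pid 6901] [client 203.0.113.7] ModSecurity: Access denied with code 400 (phase 1). Operator GT matched 500 at ARGS_GET:pal_term. [file "/etc/httpd/modsecurity.d/modsecurity_99_local_rules.conf"] [line "199"] [id "117"] [msg "argument exceeds 500 chars"] [hostname "www.rhsoft.net"] [uri "/index.php"] [unique_id "CONSTRUCTED-0002"]
[Sat Mar 30 16:02:00.000000 2013] [core:notice] [pid 1] constructed unrelated line
"""

# Fixed part of a denial entry; "param" is the number after "matched",
# which in the entry above equals the rule's @gt parameter (500).
DENIED = re.compile(
    r'\[client (?P<client>[^\]\s]+)\] ModSecurity: Access denied with code '
    r'(?P<status>\d+) \(phase (?P<phase>\d)\)\. Operator (?P<op>\w+) matched '
    r'(?P<param>\S+) at (?P<variable>\S+)\. \[')
# Trailing metadata tags of the form [key "value"].
TAG = re.compile(r'\[(\w+) "([^"]*)"\]')


def parse_denial(line):
    """Return the fields of one 'Access denied' entry, or None for other lines."""
    m = DENIED.search(line)
    if m is None:
        return None
    event = m.groupdict()
    event.update(TAG.findall(line))  # file, line, id, msg, hostname, uri, unique_id
    return event


def top_offenders(log_text, rule_id):
    """Count denials for one rule id per (client, matched variable), busiest first."""
    hits = Counter()
    for line in log_text.splitlines():
        event = parse_denial(line)
        if event and event.get("id") == rule_id:
            hits[(event["client"], event["variable"])] += 1
    return hits.most_common()


if __name__ == "__main__":
    for (client, variable), count in top_offenders(SAMPLE_LOG, "117"):
        print(f"{count:3d}  {client:15s}  {variable}")
```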