[Mod-security-developers] What is this rule means?
Brought to you by:
victorhora,
zimmerletw
Menu
▾
▴
[Mod-security-developers] What is this rule means?
|
From: Tzury B. Y. <tzu...@re...> - 2011-11-13 13:06:46
|
Hi, Within the SLR rules I have came across several joomla rules which all share a similar syntax that looks like a query-string, e.g. SecRule REQUEST_LINE "@contains /index.php" "chain,phase:2..." > SecRule > ARGS:option=com_joomlub&controller=auction&view=auction&task=edit&aid > "(?i:UNION.+SELECT)" "ctl:auditLog..." In regards to the second part (chained), I wonder if this means: Check if within ARGS, option=comjoomla, and controller=auction and view=auction and task=edit and also do @rx matching for ARGS:aid and "(?i:UNION.+SELECT)" Did i get the meanings of this rule right? |
