Re: [Mod-security-developers] Triggered rule specified in response
From: Justin S. <ju...@me...> - 2013-06-06 14:06:32
Thanks Ryan. I have it mostly figured out and implemented; however, I have a question. For the ModSec demo page, did you add a setenv to every core rule so the rule's name gets added to the response headers? Mind sharing the rules folder for the demo page so I can see how you have it implemented?

Justin Searle
Managing Partner - UtiliSec
+1 801-784-2052

On Sat, May 25, 2013 at 11:32 AM, Ryan Barnett <RBa...@tr...> wrote:
> Yes it can be done as we do this as part of our demo here -
> http://www.modsecurity.org/demo/phpids?test=YourPayloadHere%27+or+%272%27+%21%3D+%275%27%3B--
>
> Take a look at these rules for some similar functionality -
> https://github.com/SpiderLabs/owasp-modsecurity-crs/blob/master/optional_rules/modsecurity_crs_49_header_tagging.conf
>
> Basically you need to use setenv and then in the HTML page use SSI to
> populate the data from setenv.
>
> --
> Ryan Barnett
>
> On May 25, 2013, at 12:00 PM, "Justin Searle" <ju...@me...> wrote:
>
> Hi guys. I'm working on a new security course, and I was wondering if
> there is a simple way to have ModSec add which rule was triggered (and
> maybe the rule's regex) in the 403 response. Is that possible by
> throwing in some variable in the SecDefaultAction directive, or by
> some other means?
>
> Justin Searle
> Managing Partner - UtiliSec
> +1 801-784-2052
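
The setenv-plus-SSI approach described in the thread, as an added example that is not part of the original messages and is not the demo site's or the CRS project's configuration. The rule id 900100, the rule pattern, the WAF_* variable names and the /waf-403.shtml path are assumptions made for illustration; echoing rule details to the client suits a course or lab setup, since the same output tells a tester which rule to work around.

```apache
# --- httpd.conf or vhost; assumes mod_security2 and mod_include are loaded ---
SecRuleEngine On

# Constructed demo rule (id 900100 and the pattern are placeholders).
# On a match the non-disruptive setenv actions run first and copy rule
# metadata into Apache environment variables; then the request is denied.
SecRule ARGS "@rx (?i:union\s+select)" \
    "id:900100,\
    phase:2,\
    t:none,\
    log,\
    deny,\
    status:403,\
    msg:'Constructed demo rule: SQL keyword sequence',\
    setenv:WAF_RULE_ID=%{rule.id},\
    setenv:WAF_RULE_MSG=%{rule.msg},\
    setenv:WAF_MATCHED_VAR=%{matched_var_name}"

# Serve the 403 body from a page that is parsed for server-side includes.
ErrorDocument 403 /waf-403.shtml
AddType text/html .shtml
<Files "waf-403.shtml">
    Options +Includes
    SetOutputFilter INCLUDES
</Files>

# --- contents of waf-403.shtml in the document root (shown as comments) ---
# Apache reaches the ErrorDocument through an internal redirect, so the
# variables set on the blocked request appear with a REDIRECT_ prefix.
# encoding="entity" must come before var= to take effect; it HTML-encodes
# the value, which matters because MATCHED_VAR_NAME can contain a
# client-chosen parameter name.
#
#   <h1>403 Forbidden</h1>
#   <p>Rule id:
#     <!--#echo encoding="entity" var="REDIRECT_WAF_RULE_ID" --></p>
#   <p>Rule message:
#     <!--#echo encoding="entity" var="REDIRECT_WAF_RULE_MSG" --></p>
#   <p>Matched variable:
#     <!--#echo encoding="entity" var="REDIRECT_WAF_MATCHED_VAR" --></p>
```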