|
Packit Service |
384592 |
### Tests all of the actions in each phase
|
|
Packit Service |
384592 |
|
|
Packit Service |
384592 |
# Pass
|
|
Packit Service |
384592 |
{
|
|
Packit Service |
384592 |
type => "action",
|
|
Packit Service |
384592 |
comment => "pass in phase:1",
|
|
Packit Service |
384592 |
conf => qq(
|
|
Packit Service |
384592 |
SecRuleEngine On
|
|
Packit Service |
384592 |
SecRequestBodyAccess On
|
|
Packit Service |
384592 |
SecResponseBodyAccess On
|
|
Packit Service |
384592 |
SecResponseBodyMimeType null
|
|
Packit Service |
384592 |
SecAction "phase:1,pass,id:500033"
|
|
Packit Service |
384592 |
SecAction "phase:1,deny,id:500034"
|
|
Packit Service |
384592 |
),
|
|
Packit Service |
384592 |
match_log => {
|
|
Packit Service |
384592 |
error => [ qr/ModSecurity: Warning. Unconditional match in SecAction/, 1 ],
|
|
Packit Service |
384592 |
},
|
|
Packit Service |
384592 |
match_response => {
|
|
Packit Service |
384592 |
status => qr/^403$/,
|
|
Packit Service |
384592 |
},
|
|
Packit Service |
384592 |
request => new HTTP::Request(
|
|
Packit Service |
384592 |
GET => "http://$ENV{SERVER_NAME}:$ENV{SERVER_PORT}/test.txt",
|
|
Packit Service |
384592 |
),
|
|
Packit Service |
384592 |
},
|
|
Packit Service |
384592 |
{
|
|
Packit Service |
384592 |
type => "action",
|
|
Packit Service |
384592 |
comment => "pass in phase:2",
|
|
Packit Service |
384592 |
conf => qq(
|
|
Packit Service |
384592 |
SecRuleEngine On
|
|
Packit Service |
384592 |
SecRequestBodyAccess On
|
|
Packit Service |
384592 |
SecResponseBodyAccess On
|
|
Packit Service |
384592 |
SecResponseBodyMimeType null
|
|
Packit Service |
384592 |
SecAction "phase:2,pass,id:500035"
|
|
Packit Service |
384592 |
SecAction "phase:2,deny,id:500036"
|
|
Packit Service |
384592 |
),
|
|
Packit Service |
384592 |
match_log => {
|
|
Packit Service |
384592 |
error => [ qr/ModSecurity: Warning. Unconditional match in SecAction/, 1 ],
|
|
Packit Service |
384592 |
},
|
|
Packit Service |
384592 |
match_response => {
|
|
Packit Service |
384592 |
status => qr/^403$/,
|
|
Packit Service |
384592 |
},
|
|
Packit Service |
384592 |
request => new HTTP::Request(
|
|
Packit Service |
384592 |
GET => "http://$ENV{SERVER_NAME}:$ENV{SERVER_PORT}/test.txt",
|
|
Packit Service |
384592 |
),
|
|
Packit Service |
384592 |
},
|
|
Packit Service |
384592 |
{
|
|
Packit Service |
384592 |
type => "action",
|
|
Packit Service |
384592 |
comment => "pass in phase:3",
|
|
Packit Service |
384592 |
conf => qq(
|
|
Packit Service |
384592 |
SecRuleEngine On
|
|
Packit Service |
384592 |
SecRequestBodyAccess On
|
|
Packit Service |
384592 |
SecResponseBodyAccess On
|
|
Packit Service |
384592 |
SecResponseBodyMimeType null
|
|
Packit Service |
384592 |
SecDebugLog "$ENV{DEBUG_LOG}"
|
|
Packit Service |
384592 |
SecDebugLogLevel 4
|
|
Packit Service |
384592 |
SecAction "phase:3,pass,id:500037"
|
|
Packit Service |
384592 |
SecAction "phase:3,deny,id:500038"
|
|
Packit Service |
384592 |
),
|
|
Packit Service |
384592 |
match_log => {
|
|
Packit Service |
384592 |
error => [ qr/ModSecurity: Warning. Unconditional match in SecAction/, 1 ],
|
|
Packit Service |
384592 |
},
|
|
Packit Service |
384592 |
match_response => {
|
|
Packit Service |
384592 |
status => qr/^403$/,
|
|
Packit Service |
384592 |
},
|
|
Packit Service |
384592 |
request => new HTTP::Request(
|
|
Packit Service |
384592 |
GET => "http://$ENV{SERVER_NAME}:$ENV{SERVER_PORT}/test.txt",
|
|
Packit Service |
384592 |
),
|
|
Packit Service |
384592 |
},
|
|
Packit Service |
384592 |
{
|
|
Packit Service |
384592 |
type => "action",
|
|
Packit Service |
384592 |
comment => "pass in phase:4",
|
|
Packit Service |
384592 |
conf => qq(
|
|
Packit Service |
384592 |
SecRuleEngine On
|
|
Packit Service |
384592 |
SecRequestBodyAccess On
|
|
Packit Service |
384592 |
SecResponseBodyAccess On
|
|
Packit Service |
384592 |
SecResponseBodyMimeType null
|
|
Packit Service |
384592 |
SecDebugLog "$ENV{DEBUG_LOG}"
|
|
Packit Service |
384592 |
SecDebugLogLevel 4
|
|
Packit Service |
384592 |
SecAction "phase:4,pass,id:500039"
|
|
Packit Service |
384592 |
SecAction "phase:4,deny,id:500040"
|
|
Packit Service |
384592 |
),
|
|
Packit Service |
384592 |
match_log => {
|
|
Packit Service |
384592 |
error => [ qr/ModSecurity: Warning. Unconditional match in SecAction/, 1 ],
|
|
Packit Service |
384592 |
},
|
|
Packit Service |
384592 |
match_response => {
|
|
Packit Service |
384592 |
status => qr/^403$/,
|
|
Packit Service |
384592 |
},
|
|
Packit Service |
384592 |
request => new HTTP::Request(
|
|
Packit Service |
384592 |
GET => "http://$ENV{SERVER_NAME}:$ENV{SERVER_PORT}/test.txt",
|
|
Packit Service |
384592 |
),
|
|
Packit Service |
384592 |
},
|
|
Packit Service |
384592 |
|
|
Packit Service |
384592 |
# Allow
|
|
Packit Service |
384592 |
{
|
|
Packit Service |
384592 |
type => "action",
|
|
Packit Service |
384592 |
comment => "allow in phase:1",
|
|
Packit Service |
384592 |
conf => qq(
|
|
Packit Service |
384592 |
SecRuleEngine On
|
|
Packit Service |
384592 |
SecRequestBodyAccess On
|
|
Packit Service |
384592 |
SecResponseBodyAccess On
|
|
Packit Service |
384592 |
SecResponseBodyMimeType null
|
|
Packit Service |
384592 |
SecAction "phase:1,allow,id:500041"
|
|
Packit Service |
384592 |
SecAction "phase:1,deny,id:500042"
|
|
Packit Service |
384592 |
),
|
|
Packit Service |
384592 |
match_log => {
|
|
Packit Service |
384592 |
error => [ qr/ModSecurity: Access allowed \(phase 1\). Unconditional match in SecAction/, 1 ],
|
|
Packit Service |
384592 |
},
|
|
Packit Service |
384592 |
match_response => {
|
|
Packit Service |
384592 |
status => qr/^200$/,
|
|
Packit Service |
384592 |
},
|
|
Packit Service |
384592 |
request => new HTTP::Request(
|
|
Packit Service |
384592 |
GET => "http://$ENV{SERVER_NAME}:$ENV{SERVER_PORT}/test.txt",
|
|
Packit Service |
384592 |
),
|
|
Packit Service |
384592 |
},
|
|
Packit Service |
384592 |
{
|
|
Packit Service |
384592 |
type => "action",
|
|
Packit Service |
384592 |
comment => "allow in phase:2",
|
|
Packit Service |
384592 |
conf => qq(
|
|
Packit Service |
384592 |
SecRuleEngine On
|
|
Packit Service |
384592 |
SecRequestBodyAccess On
|
|
Packit Service |
384592 |
SecResponseBodyAccess On
|
|
Packit Service |
384592 |
SecResponseBodyMimeType null
|
|
Packit Service |
384592 |
SecAction "phase:2,allow,id:500043"
|
|
Packit Service |
384592 |
SecAction "phase:2,deny,id:500044"
|
|
Packit Service |
384592 |
),
|
|
Packit Service |
384592 |
match_log => {
|
|
Packit Service |
384592 |
error => [ qr/ModSecurity: Access allowed \(phase 2\). Unconditional match in SecAction/, 1 ],
|
|
Packit Service |
384592 |
},
|
|
Packit Service |
384592 |
match_response => {
|
|
Packit Service |
384592 |
status => qr/^200$/,
|
|
Packit Service |
384592 |
},
|
|
Packit Service |
384592 |
request => new HTTP::Request(
|
|
Packit Service |
384592 |
GET => "http://$ENV{SERVER_NAME}:$ENV{SERVER_PORT}/test.txt",
|
|
Packit Service |
384592 |
),
|
|
Packit Service |
384592 |
},
|
|
Packit Service |
384592 |
{
|
|
Packit Service |
384592 |
type => "action",
|
|
Packit Service |
384592 |
comment => "allow in phase:3",
|
|
Packit Service |
384592 |
conf => qq(
|
|
Packit Service |
384592 |
SecRuleEngine On
|
|
Packit Service |
384592 |
SecRequestBodyAccess On
|
|
Packit Service |
384592 |
SecResponseBodyAccess On
|
|
Packit Service |
384592 |
SecResponseBodyMimeType null
|
|
Packit Service |
384592 |
SecDebugLog "$ENV{DEBUG_LOG}"
|
|
Packit Service |
384592 |
SecDebugLogLevel 4
|
|
Packit Service |
384592 |
SecAction "phase:3,allow,id:500045"
|
|
Packit Service |
384592 |
SecAction "phase:3,deny,id:500046"
|
|
Packit Service |
384592 |
),
|
|
Packit Service |
384592 |
match_log => {
|
|
Packit Service |
384592 |
error => [ qr/ModSecurity: Access allowed \(phase 3\). Unconditional match in SecAction/, 1 ],
|
|
Packit Service |
384592 |
},
|
|
Packit Service |
384592 |
match_response => {
|
|
Packit Service |
384592 |
status => qr/^200$/,
|
|
Packit Service |
384592 |
},
|
|
Packit Service |
384592 |
request => new HTTP::Request(
|
|
Packit Service |
384592 |
GET => "http://$ENV{SERVER_NAME}:$ENV{SERVER_PORT}/test.txt",
|
|
Packit Service |
384592 |
),
|
|
Packit Service |
384592 |
},
|
|
Packit Service |
384592 |
{
|
|
Packit Service |
384592 |
type => "action",
|
|
Packit Service |
384592 |
comment => "allow in phase:4",
|
|
Packit Service |
384592 |
conf => qq(
|
|
Packit Service |
384592 |
SecRuleEngine On
|
|
Packit Service |
384592 |
SecRequestBodyAccess On
|
|
Packit Service |
384592 |
SecResponseBodyAccess On
|
|
Packit Service |
384592 |
SecResponseBodyMimeType null
|
|
Packit Service |
384592 |
SecDebugLog "$ENV{DEBUG_LOG}"
|
|
Packit Service |
384592 |
SecDebugLogLevel 4
|
|
Packit Service |
384592 |
SecAction "phase:4,allow,id:500047"
|
|
Packit Service |
384592 |
SecAction "phase:4,deny,id:500048"
|
|
Packit Service |
384592 |
),
|
|
Packit Service |
384592 |
match_log => {
|
|
Packit Service |
384592 |
error => [ qr/ModSecurity: Access allowed \(phase 4\). Unconditional match in SecAction/, 1 ],
|
|
Packit Service |
384592 |
},
|
|
Packit Service |
384592 |
match_response => {
|
|
Packit Service |
384592 |
status => qr/^200$/,
|
|
Packit Service |
384592 |
},
|
|
Packit Service |
384592 |
request => new HTTP::Request(
|
|
Packit Service |
384592 |
GET => "http://$ENV{SERVER_NAME}:$ENV{SERVER_PORT}/test.txt",
|
|
Packit Service |
384592 |
),
|
|
Packit Service |
384592 |
},
|
|
Packit Service |
384592 |
|
|
Packit Service |
384592 |
# Deny
|
|
Packit Service |
384592 |
{
|
|
Packit Service |
384592 |
type => "action",
|
|
Packit Service |
384592 |
comment => "deny in phase:1",
|
|
Packit Service |
384592 |
conf => qq(
|
|
Packit Service |
384592 |
SecRuleEngine On
|
|
Packit Service |
384592 |
SecRequestBodyAccess On
|
|
Packit Service |
384592 |
SecResponseBodyAccess On
|
|
Packit Service |
384592 |
SecResponseBodyMimeType null
|
|
Packit Service |
384592 |
SecAction "phase:1,deny,id:500049"
|
|
Packit Service |
384592 |
),
|
|
Packit Service |
384592 |
match_log => {
|
|
Packit Service |
384592 |
error => [ qr/Access denied with code 403 \(phase 1\). Unconditional match in SecAction./, 1 ],
|
|
Packit Service |
384592 |
},
|
|
Packit Service |
384592 |
match_response => {
|
|
Packit Service |
384592 |
status => qr/^403$/,
|
|
Packit Service |
384592 |
},
|
|
Packit Service |
384592 |
request => new HTTP::Request(
|
|
Packit Service |
384592 |
GET => "http://$ENV{SERVER_NAME}:$ENV{SERVER_PORT}/test.txt",
|
|
Packit Service |
384592 |
),
|
|
Packit Service |
384592 |
},
|
|
Packit Service |
384592 |
{
|
|
Packit Service |
384592 |
type => "action",
|
|
Packit Service |
384592 |
comment => "deny in phase:2",
|
|
Packit Service |
384592 |
conf => qq(
|
|
Packit Service |
384592 |
SecRuleEngine On
|
|
Packit Service |
384592 |
SecRequestBodyAccess On
|
|
Packit Service |
384592 |
SecResponseBodyAccess On
|
|
Packit Service |
384592 |
SecResponseBodyMimeType null
|
|
Packit Service |
384592 |
SecAction "phase:2,deny,id:500050"
|
|
Packit Service |
384592 |
),
|
|
Packit Service |
384592 |
match_log => {
|
|
Packit Service |
384592 |
error => [ qr/Access denied with code 403 \(phase 2\). Unconditional match in SecAction./, 1 ],
|
|
Packit Service |
384592 |
},
|
|
Packit Service |
384592 |
match_response => {
|
|
Packit Service |
384592 |
status => qr/^403$/,
|
|
Packit Service |
384592 |
},
|
|
Packit Service |
384592 |
request => new HTTP::Request(
|
|
Packit Service |
384592 |
GET => "http://$ENV{SERVER_NAME}:$ENV{SERVER_PORT}/test.txt",
|
|
Packit Service |
384592 |
),
|
|
Packit Service |
384592 |
},
|
|
Packit Service |
384592 |
{
|
|
Packit Service |
384592 |
type => "action",
|
|
Packit Service |
384592 |
comment => "deny in phase:3",
|
|
Packit Service |
384592 |
conf => qq(
|
|
Packit Service |
384592 |
SecRuleEngine On
|
|
Packit Service |
384592 |
SecRequestBodyAccess On
|
|
Packit Service |
384592 |
SecResponseBodyAccess On
|
|
Packit Service |
384592 |
SecResponseBodyMimeType null
|
|
Packit Service |
384592 |
SecDebugLog "$ENV{DEBUG_LOG}"
|
|
Packit Service |
384592 |
SecDebugLogLevel 4
|
|
Packit Service |
384592 |
SecAction "phase:3,deny,id:500051"
|
|
Packit Service |
384592 |
),
|
|
Packit Service |
384592 |
match_log => {
|
|
Packit Service |
384592 |
error => [ qr/Access denied with code 403 \(phase 3\). Unconditional match in SecAction./, 1 ],
|
|
Packit Service |
384592 |
},
|
|
Packit Service |
384592 |
match_response => {
|
|
Packit Service |
384592 |
status => qr/^403$/,
|
|
Packit Service |
384592 |
},
|
|
Packit Service |
384592 |
request => new HTTP::Request(
|
|
Packit Service |
384592 |
GET => "http://$ENV{SERVER_NAME}:$ENV{SERVER_PORT}/test.txt",
|
|
Packit Service |
384592 |
),
|
|
Packit Service |
384592 |
},
|
|
Packit Service |
384592 |
{
|
|
Packit Service |
384592 |
type => "action",
|
|
Packit Service |
384592 |
comment => "deny in phase:4",
|
|
Packit Service |
384592 |
conf => qq(
|
|
Packit Service |
384592 |
SecRuleEngine On
|
|
Packit Service |
384592 |
SecRequestBodyAccess On
|
|
Packit Service |
384592 |
SecResponseBodyAccess On
|
|
Packit Service |
384592 |
SecResponseBodyMimeType null
|
|
Packit Service |
384592 |
SecDebugLog "$ENV{DEBUG_LOG}"
|
|
Packit Service |
384592 |
SecDebugLogLevel 4
|
|
Packit Service |
384592 |
SecAction "phase:4,deny,id:500052"
|
|
Packit Service |
384592 |
),
|
|
Packit Service |
384592 |
match_log => {
|
|
Packit Service |
384592 |
error => [ qr/Access denied with code 403 \(phase 4\). Unconditional match in SecAction./, 1 ],
|
|
Packit Service |
384592 |
},
|
|
Packit Service |
384592 |
match_response => {
|
|
Packit Service |
384592 |
status => qr/^403$/,
|
|
Packit Service |
384592 |
},
|
|
Packit Service |
384592 |
request => new HTTP::Request(
|
|
Packit Service |
384592 |
GET => "http://$ENV{SERVER_NAME}:$ENV{SERVER_PORT}/test.txt",
|
|
Packit Service |
384592 |
),
|
|
Packit Service |
384592 |
},
|
|
Packit Service |
384592 |
|
|
Packit Service |
384592 |
# Drop
|
|
Packit Service |
384592 |
{
|
|
Packit Service |
384592 |
type => "action",
|
|
Packit Service |
384592 |
comment => "drop in phase:1",
|
|
Packit Service |
384592 |
conf => qq(
|
|
Packit Service |
384592 |
SecRuleEngine On
|
|
Packit Service |
384592 |
SecRequestBodyAccess On
|
|
Packit Service |
384592 |
SecResponseBodyAccess On
|
|
Packit Service |
384592 |
SecResponseBodyMimeType null
|
|
Packit Service |
384592 |
SecAction "phase:1,drop,id:500053"
|
|
Packit Service |
384592 |
),
|
|
Packit Service |
384592 |
match_log => {
|
|
Packit Service |
384592 |
error => [ qr/Access denied with connection close \(phase 1\). Unconditional match in SecAction./, 1 ],
|
|
Packit Service |
384592 |
},
|
|
Packit Service |
384592 |
match_response => {
|
|
Packit Service |
384592 |
status => qr/^500$/,
|
|
Packit Service |
384592 |
},
|
|
Packit Service |
384592 |
request => new HTTP::Request(
|
|
Packit Service |
384592 |
GET => "http://$ENV{SERVER_NAME}:$ENV{SERVER_PORT}/test.txt",
|
|
Packit Service |
384592 |
),
|
|
Packit Service |
384592 |
},
|
|
Packit Service |
384592 |
{
|
|
Packit Service |
384592 |
type => "action",
|
|
Packit Service |
384592 |
comment => "drop in phase:2",
|
|
Packit Service |
384592 |
conf => qq(
|
|
Packit Service |
384592 |
SecRuleEngine On
|
|
Packit Service |
384592 |
SecRequestBodyAccess On
|
|
Packit Service |
384592 |
SecResponseBodyAccess On
|
|
Packit Service |
384592 |
SecResponseBodyMimeType null
|
|
Packit Service |
384592 |
SecAction "phase:2,drop,id:500054"
|
|
Packit Service |
384592 |
),
|
|
Packit Service |
384592 |
match_log => {
|
|
Packit Service |
384592 |
error => [ qr/Access denied with connection close \(phase 2\). Unconditional match in SecAction./, 1 ],
|
|
Packit Service |
384592 |
},
|
|
Packit Service |
384592 |
match_response => {
|
|
Packit Service |
384592 |
status => qr/^500$/,
|
|
Packit Service |
384592 |
},
|
|
Packit Service |
384592 |
request => new HTTP::Request(
|
|
Packit Service |
384592 |
GET => "http://$ENV{SERVER_NAME}:$ENV{SERVER_PORT}/test.txt",
|
|
Packit Service |
384592 |
),
|
|
Packit Service |
384592 |
},
|
|
Packit Service |
384592 |
{
|
|
Packit Service |
384592 |
type => "action",
|
|
Packit Service |
384592 |
comment => "drop in phase:3",
|
|
Packit Service |
384592 |
conf => qq(
|
|
Packit Service |
384592 |
SecRuleEngine On
|
|
Packit Service |
384592 |
SecRequestBodyAccess On
|
|
Packit Service |
384592 |
SecResponseBodyAccess On
|
|
Packit Service |
384592 |
SecResponseBodyMimeType null
|
|
Packit Service |
384592 |
SecDebugLog "$ENV{DEBUG_LOG}"
|
|
Packit Service |
384592 |
SecDebugLogLevel 4
|
|
Packit Service |
384592 |
SecAction "phase:3,drop,id:500055"
|
|
Packit Service |
384592 |
),
|
|
Packit Service |
384592 |
match_log => {
|
|
Packit Service |
384592 |
error => [ qr/Access denied with connection close \(phase 3\). Unconditional match in SecAction./, 1 ],
|
|
Packit Service |
384592 |
},
|
|
Packit Service |
384592 |
match_response => {
|
|
Packit Service |
384592 |
status => qr/^500$/,
|
|
Packit Service |
384592 |
},
|
|
Packit Service |
384592 |
request => new HTTP::Request(
|
|
Packit Service |
384592 |
GET => "http://$ENV{SERVER_NAME}:$ENV{SERVER_PORT}/test.txt",
|
|
Packit Service |
384592 |
),
|
|
Packit Service |
384592 |
},
|
|
Packit Service |
384592 |
{
|
|
Packit Service |
384592 |
type => "action",
|
|
Packit Service |
384592 |
comment => "drop in phase:4",
|
|
Packit Service |
384592 |
conf => qq(
|
|
Packit Service |
384592 |
SecRuleEngine On
|
|
Packit Service |
384592 |
SecRequestBodyAccess On
|
|
Packit Service |
384592 |
SecResponseBodyAccess On
|
|
Packit Service |
384592 |
SecResponseBodyMimeType null
|
|
Packit Service |
384592 |
SecDebugLog "$ENV{DEBUG_LOG}"
|
|
Packit Service |
384592 |
SecDebugLogLevel 4
|
|
Packit Service |
384592 |
SecAction "phase:4,drop,id:500056"
|
|
Packit Service |
384592 |
),
|
|
Packit Service |
384592 |
match_log => {
|
|
Packit Service |
384592 |
error => [ qr/Access denied with connection close \(phase 4\). Unconditional match in SecAction./, 1 ],
|
|
Packit Service |
384592 |
},
|
|
Packit Service |
384592 |
match_response => {
|
|
Packit Service |
384592 |
status => qr/^500$/,
|
|
Packit Service |
384592 |
},
|
|
Packit Service |
384592 |
request => new HTTP::Request(
|
|
Packit Service |
384592 |
GET => "http://$ENV{SERVER_NAME}:$ENV{SERVER_PORT}/test.txt",
|
|
Packit Service |
384592 |
),
|
|
Packit Service |
384592 |
},
|
|
Packit Service |
384592 |
|
|
Packit Service |
384592 |
# Redirect
|
|
Packit Service |
384592 |
{
|
|
Packit Service |
384592 |
type => "action",
|
|
Packit Service |
384592 |
comment => "redirect in phase:1 (get)",
|
|
Packit Service |
384592 |
conf => qq(
|
|
Packit Service |
384592 |
SecRuleEngine On
|
|
Packit Service |
384592 |
SecRequestBodyAccess On
|
|
Packit Service |
384592 |
SecResponseBodyAccess On
|
|
Packit Service |
384592 |
SecResponseBodyMimeType null
|
|
Packit Service |
384592 |
SecRule REQUEST_URI "\@streq /test2.txt" "phase:1,redirect:'http://$ENV{SERVER_NAME}:$ENV{SERVER_PORT}/test.txt',id:500001"
|
|
Packit Service |
384592 |
),
|
|
Packit Service |
384592 |
match_log => {
|
|
Packit Service |
384592 |
error => [ qr/ModSecurity: Access denied with redirection to .* using status 302 \(phase 1\)/, 1 ],
|
|
Packit Service |
384592 |
},
|
|
Packit Service |
384592 |
match_response => {
|
|
Packit Service |
384592 |
status => qr/^200$/,
|
|
Packit Service |
384592 |
content => qr/^TEST$/,
|
|
Packit Service |
384592 |
},
|
|
Packit Service |
384592 |
request => new HTTP::Request(
|
|
Packit Service |
384592 |
GET => "http://$ENV{SERVER_NAME}:$ENV{SERVER_PORT}/test2.txt",
|
|
Packit Service |
384592 |
),
|
|
Packit Service |
384592 |
},
|
|
Packit Service |
384592 |
{
|
|
Packit Service |
384592 |
type => "action",
|
|
Packit Service |
384592 |
comment => "redirect in phase:2 (get)",
|
|
Packit Service |
384592 |
conf => qq(
|
|
Packit Service |
384592 |
SecRuleEngine On
|
|
Packit Service |
384592 |
SecRequestBodyAccess On
|
|
Packit Service |
384592 |
SecResponseBodyAccess On
|
|
Packit Service |
384592 |
SecResponseBodyMimeType null
|
|
Packit Service |
384592 |
SecRule REQUEST_URI "\@streq /test2.txt" "phase:2,redirect:'http://$ENV{SERVER_NAME}:$ENV{SERVER_PORT}/test.txt',id:500002"
|
|
Packit Service |
384592 |
),
|
|
Packit Service |
384592 |
match_log => {
|
|
Packit Service |
384592 |
error => [ qr/ModSecurity: Access denied with redirection to .* using status 302 \(phase 2\)/, 1 ],
|
|
Packit Service |
384592 |
},
|
|
Packit Service |
384592 |
match_response => {
|
|
Packit Service |
384592 |
status => qr/^200$/,
|
|
Packit Service |
384592 |
content => qr/^TEST$/,
|
|
Packit Service |
384592 |
},
|
|
Packit Service |
384592 |
request => new HTTP::Request(
|
|
Packit Service |
384592 |
GET => "http://$ENV{SERVER_NAME}:$ENV{SERVER_PORT}/test2.txt",
|
|
Packit Service |
384592 |
),
|
|
Packit Service |
384592 |
},
|
|
Packit Service |
384592 |
{
|
|
Packit Service |
384592 |
type => "action",
|
|
Packit Service |
384592 |
comment => "redirect in phase:3 (get)",
|
|
Packit Service |
384592 |
conf => qq(
|
|
Packit Service |
384592 |
SecRuleEngine On
|
|
Packit Service |
384592 |
SecRequestBodyAccess On
|
|
Packit Service |
384592 |
SecResponseBodyAccess On
|
|
Packit Service |
384592 |
SecResponseBodyMimeType null
|
|
Packit Service |
384592 |
SecDebugLog "$ENV{DEBUG_LOG}"
|
|
Packit Service |
384592 |
SecDebugLogLevel 4
|
|
Packit Service |
384592 |
SecRule REQUEST_URI "\@streq /test2.txt" "phase:3,redirect:'http://$ENV{SERVER_NAME}:$ENV{SERVER_PORT}/test.txt',id:500003"
|
|
Packit Service |
384592 |
),
|
|
Packit Service |
384592 |
match_log => {
|
|
Packit Service |
384592 |
error => [ qr/ModSecurity: Access denied with redirection to .* using status 302 \(phase 3\)/, 1 ],
|
|
Packit Service |
384592 |
},
|
|
Packit Service |
384592 |
match_response => {
|
|
Packit Service |
384592 |
status => qr/^200$/,
|
|
Packit Service |
384592 |
content => qr/^TEST$/,
|
|
Packit Service |
384592 |
},
|
|
Packit Service |
384592 |
request => new HTTP::Request(
|
|
Packit Service |
384592 |
GET => "http://$ENV{SERVER_NAME}:$ENV{SERVER_PORT}/test2.txt",
|
|
Packit Service |
384592 |
),
|
|
Packit Service |
384592 |
},
|
|
Packit Service |
384592 |
{
|
|
Packit Service |
384592 |
type => "action",
|
|
Packit Service |
384592 |
comment => "redirect in phase:4 (get)",
|
|
Packit Service |
384592 |
conf => qq(
|
|
Packit Service |
384592 |
SecRuleEngine On
|
|
Packit Service |
384592 |
SecRequestBodyAccess On
|
|
Packit Service |
384592 |
SecResponseBodyAccess On
|
|
Packit Service |
384592 |
SecResponseBodyMimeType null
|
|
Packit Service |
384592 |
SecDebugLog "$ENV{DEBUG_LOG}"
|
|
Packit Service |
384592 |
SecDebugLogLevel 4
|
|
Packit Service |
384592 |
SecRule REQUEST_URI "\@streq /test2.txt" "phase:4,redirect:'http://$ENV{SERVER_NAME}:$ENV{SERVER_PORT}/test.txt',id:500004"
|
|
Packit Service |
384592 |
),
|
|
Packit Service |
384592 |
match_log => {
|
|
Packit Service |
384592 |
error => [ qr/ModSecurity: Access denied with redirection to .* using status 302 \(phase 4\)/, 1 ],
|
|
Packit Service |
384592 |
},
|
|
Packit Service |
384592 |
match_response => {
|
|
Packit Service |
384592 |
status => qr/^200$/,
|
|
Packit Service |
384592 |
content => qr/^TEST$/,
|
|
Packit Service |
384592 |
},
|
|
Packit Service |
384592 |
request => new HTTP::Request(
|
|
Packit Service |
384592 |
GET => "http://$ENV{SERVER_NAME}:$ENV{SERVER_PORT}/test2.txt",
|
|
Packit Service |
384592 |
),
|
|
Packit Service |
384592 |
},
|
|
Packit Service |
384592 |
|
|
Packit Service |
384592 |
# Proxy
|
|
Packit Service |
384592 |
{
|
|
Packit Service |
384592 |
type => "action",
|
|
Packit Service |
384592 |
comment => "proxy in phase:1 (get)",
|
|
Packit Service |
384592 |
conf => qq(
|
|
Packit Service |
384592 |
SecRuleEngine On
|
|
Packit Service |
384592 |
SecRequestBodyAccess On
|
|
Packit Service |
384592 |
SecResponseBodyAccess On
|
|
Packit Service |
384592 |
SecResponseBodyMimeType null
|
|
Packit Service |
384592 |
SecRule REQUEST_URI "\@streq /test2.txt" "phase:1,proxy:'http://$ENV{SERVER_NAME}:$ENV{SERVER_PORT}/test.txt',id:500005"
|
|
Packit Service |
384592 |
),
|
|
Packit Service |
384592 |
match_log => {
|
|
Packit Service |
384592 |
error => {
|
|
Packit Service |
384592 |
apache => [qr/ModSecurity: Access denied using proxy to \(phase 1\)/, 1],
|
|
Packit Service |
384592 |
nginx => [qr/ModSecurity: Access denied with code 500 \(phase 1\) \(Configuration Error: Proxy action to .* requested but proxy is only available in Apache version\)./, 1],
|
|
Packit Service |
384592 |
},
|
|
Packit Service |
384592 |
},
|
|
Packit Service |
384592 |
match_response => {
|
|
Packit Service |
384592 |
status => {
|
|
Packit Service |
384592 |
apache => qr/^200$/,
|
|
Packit Service |
384592 |
nginx => qr/^500$/,
|
|
Packit Service |
384592 |
},
|
|
Packit Service |
384592 |
content => {
|
|
Packit Service |
384592 |
apache => qr/^TEST$/,
|
|
Packit Service |
384592 |
nginx => qr/^*$/,
|
|
Packit Service |
384592 |
},
|
|
Packit Service |
384592 |
},
|
|
Packit Service |
384592 |
|
|
Packit Service |
384592 |
request => new HTTP::Request(
|
|
Packit Service |
384592 |
GET => "http://$ENV{SERVER_NAME}:$ENV{SERVER_PORT}/test2.txt",
|
|
Packit Service |
384592 |
),
|
|
Packit Service |
384592 |
},
|
|
Packit Service |
384592 |
{
|
|
Packit Service |
384592 |
type => "action",
|
|
Packit Service |
384592 |
comment => "nocanon proxy in phase:1 (get)",
|
|
Packit Service |
384592 |
conf => qq(
|
|
Packit Service |
384592 |
SecRuleEngine On
|
|
Packit Service |
384592 |
SecRequestBodyAccess On
|
|
Packit Service |
384592 |
SecResponseBodyAccess On
|
|
Packit Service |
384592 |
SecResponseBodyMimeType null
|
|
Packit Service |
384592 |
SecRule REQUEST_URI "\@streq /test2.txt" "phase:1,proxy:'[nocanon]http://$ENV{SERVER_NAME}:$ENV{SERVER_PORT}/test.txt',id:500005"
|
|
Packit Service |
384592 |
),
|
|
Packit Service |
384592 |
match_log => {
|
|
Packit Service |
384592 |
error => {
|
|
Packit Service |
384592 |
apache => [qr/ModSecurity: Access denied using proxy to \(phase 1\)/, 1],
|
|
Packit Service |
384592 |
nginx => [qr/ModSecurity: Access denied with code 500 \(phase 1\) \(Configuration Error: Proxy action to .* requested but proxy is only available in Apache version\)./, 1],
|
|
Packit Service |
384592 |
},
|
|
Packit Service |
384592 |
},
|
|
Packit Service |
384592 |
match_response => {
|
|
Packit Service |
384592 |
status => {
|
|
Packit Service |
384592 |
apache => qr/^200$/,
|
|
Packit Service |
384592 |
nginx => qr/^500$/,
|
|
Packit Service |
384592 |
},
|
|
Packit Service |
384592 |
content => {
|
|
Packit Service |
384592 |
apache => qr/^TEST$/,
|
|
Packit Service |
384592 |
nginx => qr/^*$/,
|
|
Packit Service |
384592 |
},
|
|
Packit Service |
384592 |
},
|
|
Packit Service |
384592 |
|
|
Packit Service |
384592 |
request => new HTTP::Request(
|
|
Packit Service |
384592 |
GET => "http://$ENV{SERVER_NAME}:$ENV{SERVER_PORT}/test2.txt",
|
|
Packit Service |
384592 |
),
|
|
Packit Service |
384592 |
},
|
|
Packit Service |
384592 |
{
|
|
Packit Service |
384592 |
type => "action",
|
|
Packit Service |
384592 |
comment => "proxy in phase:2 (get)",
|
|
Packit Service |
384592 |
conf => qq(
|
|
Packit Service |
384592 |
SecRuleEngine On
|
|
Packit Service |
384592 |
SecRequestBodyAccess On
|
|
Packit Service |
384592 |
SecResponseBodyAccess On
|
|
Packit Service |
384592 |
SecResponseBodyMimeType null
|
|
Packit Service |
384592 |
SecRule REQUEST_URI "\@streq /test2.txt" "phase:2,proxy:'http://$ENV{SERVER_NAME}:$ENV{SERVER_PORT}/test.txt',id:500006"
|
|
Packit Service |
384592 |
),
|
|
Packit Service |
384592 |
match_log => {
|
|
Packit Service |
384592 |
error => {
|
|
Packit Service |
384592 |
apache => [qr/ModSecurity: Access denied using proxy to \(phase 2\)/, 1],
|
|
Packit Service |
384592 |
nginx => [qr/ModSecurity: Access denied with code 500 \(phase 2\) \(Configuration Error: Proxy action to .* requested but proxy is only available in Apache version\)./, 1],
|
|
Packit Service |
384592 |
},
|
|
Packit Service |
384592 |
},
|
|
Packit Service |
384592 |
match_response => {
|
|
Packit Service |
384592 |
status => {
|
|
Packit Service |
384592 |
apache => qr/^200$/,
|
|
Packit Service |
384592 |
nginx => qr/^500$/,
|
|
Packit Service |
384592 |
},
|
|
Packit Service |
384592 |
content => {
|
|
Packit Service |
384592 |
apache => qr/^TEST$/,
|
|
Packit Service |
384592 |
nginx => qr/^*$/,
|
|
Packit Service |
384592 |
},
|
|
Packit Service |
384592 |
},
|
|
Packit Service |
384592 |
request => new HTTP::Request(
|
|
Packit Service |
384592 |
GET => "http://$ENV{SERVER_NAME}:$ENV{SERVER_PORT}/test2.txt",
|
|
Packit Service |
384592 |
),
|
|
Packit Service |
384592 |
},
|
|
Packit Service |
384592 |
{
|
|
Packit Service |
384592 |
type => "action",
|
|
Packit Service |
384592 |
comment => "proxy in phase:3 (get)",
|
|
Packit Service |
384592 |
conf => qq(
|
|
Packit Service |
384592 |
SecRuleEngine On
|
|
Packit Service |
384592 |
SecRequestBodyAccess On
|
|
Packit Service |
384592 |
SecResponseBodyAccess On
|
|
Packit Service |
384592 |
SecResponseBodyMimeType null
|
|
Packit Service |
384592 |
SecDebugLog "$ENV{DEBUG_LOG}"
|
|
Packit Service |
384592 |
SecDebugLogLevel 4
|
|
Packit Service |
384592 |
SecRule REQUEST_URI "\@streq /test2.txt" "phase:3,proxy:'http://$ENV{SERVER_NAME}:$ENV{SERVER_PORT}/test.txt',id:500007"
|
|
Packit Service |
384592 |
),
|
|
Packit Service |
384592 |
match_log => {
|
|
Packit Service |
384592 |
error => {
|
|
Packit Service |
384592 |
apache => [qr/ModSecurity: Access denied with code 500 \(phase 3\) \(Configuration Error: Proxy action requested but it does not work in output phases\)./, 1],
|
|
Packit Service |
384592 |
nginx => [qr/ModSecurity: Access denied with code 500 \(phase 3\) \(Configuration Error: Proxy action to .* requested but proxy is only available in Apache version\)./, 1],
|
|
Packit Service |
384592 |
}
|
|
Packit Service |
384592 |
},
|
|
Packit Service |
384592 |
match_response => {
|
|
Packit Service |
384592 |
status => {
|
|
Packit Service |
384592 |
apache => qr/^500$/,
|
|
Packit Service |
384592 |
nginx => qr/^500$/,
|
|
Packit Service |
384592 |
},
|
|
Packit Service |
384592 |
},
|
|
Packit Service |
384592 |
request => new HTTP::Request(
|
|
Packit Service |
384592 |
GET => "http://$ENV{SERVER_NAME}:$ENV{SERVER_PORT}/test2.txt",
|
|
Packit Service |
384592 |
),
|
|
Packit Service |
384592 |
},
|
|
Packit Service |
384592 |
{
|
|
Packit Service |
384592 |
type => "action",
|
|
Packit Service |
384592 |
comment => "proxy in phase:4 (get)",
|
|
Packit Service |
384592 |
conf => qq(
|
|
Packit Service |
384592 |
SecRuleEngine On
|
|
Packit Service |
384592 |
SecRequestBodyAccess On
|
|
Packit Service |
384592 |
SecResponseBodyAccess On
|
|
Packit Service |
384592 |
SecResponseBodyMimeType null
|
|
Packit Service |
384592 |
SecDebugLog "$ENV{DEBUG_LOG}"
|
|
Packit Service |
384592 |
SecDebugLogLevel 4
|
|
Packit Service |
384592 |
SecRule REQUEST_URI "\@streq /test2.txt" "phase:4,proxy:'http://$ENV{SERVER_NAME}:$ENV{SERVER_PORT}/test.txt',id:500008"
|
|
Packit Service |
384592 |
),
|
|
Packit Service |
384592 |
match_log => {
|
|
Packit Service |
384592 |
error => {
|
|
Packit Service |
384592 |
apache => [qr/ModSecurity: Access denied with code 500 \(phase 4\) \(Configuration Error: Proxy action requested but it does not work in output phases\)./, 1],
|
|
Packit Service |
384592 |
nginx => [qr/ModSecurity: Access denied with code 500 \(phase 4\) \(Configuration Error: Proxy action to .* requested but proxy is only available in Apache version\)./, 1],
|
|
Packit Service |
384592 |
}
|
|
Packit Service |
384592 |
},
|
|
Packit Service |
384592 |
match_response => {
|
|
Packit Service |
384592 |
status => {
|
|
Packit Service |
384592 |
apache => qr/^500$/,
|
|
Packit Service |
384592 |
nginx => qr/^500$/,
|
|
Packit Service |
384592 |
},
|
|
Packit Service |
384592 |
},
|
|
Packit Service |
384592 |
request => new HTTP::Request(
|
|
Packit Service |
384592 |
GET => "http://$ENV{SERVER_NAME}:$ENV{SERVER_PORT}/test2.txt",
|
|
Packit Service |
384592 |
),
|
|
Packit Service |
384592 |
},
|