[Owasp-modsecurity-core-rule-set] Block upload file (jsp, php)

Ilyass Kaouam Fri, 30 Jan 2015 08:43:22 -0800

Hi ,

How can I block upload a specific file such as (.jsp/.php)
I configured this rule :
/etc/httpd/modsecurity-crs/base_rules/modsecurity_crs_30_http_policy.conf


with this :

SecAction \
  "id:'900012', \
                                                                      phase:1,
\
  t:none, \


  setvar:'tx.allowed_methods=GET HEAD POST OPTIONS', \



setvar:'tx.allowed_request_content_type=application/x-www-form-urlencoded|multipart/form-data|text/xml|application/xml|application/x-amf|application/json',
\
  setvar:'tx.allowed_http_versions=HTTP/0.9 HTTP/1.0 HTTP/1.1', \


  setvar:'tx.restricted_extensions=.asa/ .jsp/ .asax/ .ascx/ .axd/ .backup/
.bak/ .bat/ .cdx/ .cer/ .cfg/ .cmd/ .com/ .config/ .conf/ .cs/ .csproj/
.csr/ .dat/ .db/ .dbf/ .dll/ .dos/ .htr/ .htw/ .ida/ \
.idc/ .idq/ .inc/ .ini/ .key/ .licx/ .lnk/ .log/ .mdb/ .old/ .pass/ .pdb/
.pol/ .printer/ .pwd/ .resources/ .resx/ .sql/ .sys/ .vb/ .vbs/ .vbproj/
.vsdisco/ .webinfo/ .xsd/ .xsx/', \
  setvar:'tx.restricted_headers=/Proxy-Connection/ /Lock-Token/
/Content-Range/ /Translate/ /via/ /if/', \

  nolog, \


  pass


But it's don't stop upload .jsp file.

Have you any idea ?

Thank you

_______________________________________________
Owasp-modsecurity-core-rule-set mailing list
[email protected]
https://lists.owasp.org/mailman/listinfo/owasp-modsecurity-core-rule-set

[Owasp-modsecurity-core-rule-set] Block upload file (jsp, php)

Reply via email to