91 lines
6.1 KiB
Text
Executable file
91 lines
6.1 KiB
Text
Executable file
modsecurity on;
|
|
|
|
modsecurity_rules '
|
|
SecRuleEngine On
|
|
#SecDebugLog /tmp/modsec_debug.log
|
|
#SecDebugLogLevel 9
|
|
#SecRuleRemoveById 10
|
|
#SecDataDir /var/cache/modsecurity
|
|
';
|
|
|
|
|
|
modsecurity_rules_file /etc/modsecurity/modsecurity.conf;
|
|
modsecurity_rules_file /etc/modsecurity/ownrules.conf;
|
|
|
|
#CRS
|
|
#modsecurity_rules_file /etc/modsecurity/crs/crs-setup.conf;
|
|
#modsecurity_rules_file /etc/modsecurity/crs/REQUEST-900-EXCLUSION-RULES-BEFORE-CRS.conf;
|
|
#modsecurity_rules_file /usr/share/modsecurity-crs/REQUEST-901-INITIALIZATION.conf;
|
|
#modsecurity_rules_file /usr/share/modsecurity-crs/REQUEST-903.9001-DRUPAL-EXCLUSION-RULES.conf;
|
|
#modsecurity_rules_file /usr/share/modsecurity-crs/REQUEST-903.9002-WORDPRESS-EXCLUSION-RULES.conf;
|
|
#modsecurity_rules_file /usr/share/modsecurity-crs/REQUEST-903.9003-NEXTCLOUD-EXCLUSION-RULES.conf;
|
|
#modsecurity_rules_file /usr/share/modsecurity-crs/REQUEST-903.9004-DOKUWIKI-EXCLUSION-RULES.conf;
|
|
#modsecurity_rules_file /usr/share/modsecurity-crs/REQUEST-903.9005-CPANEL-EXCLUSION-RULES.conf;
|
|
#modsecurity_rules_file /usr/share/modsecurity-crs/REQUEST-905-COMMON-EXCEPTIONS.conf;
|
|
#modsecurity_rules_file /usr/share/modsecurity-crs/REQUEST-910-IP-REPUTATION.conf;
|
|
#modsecurity_rules_file /usr/share/modsecurity-crs/REQUEST-911-METHOD-ENFORCEMENT.conf;
|
|
#modsecurity_rules_file /usr/share/modsecurity-crs/REQUEST-912-DOS-PROTECTION.conf;
|
|
#modsecurity_rules_file /usr/share/modsecurity-crs/REQUEST-913-SCANNER-DETECTION.conf;
|
|
#modsecurity_rules_file /usr/share/modsecurity-crs/REQUEST-920-PROTOCOL-ENFORCEMENT.conf;
|
|
#modsecurity_rules_file /usr/share/modsecurity-crs/REQUEST-921-PROTOCOL-ATTACK.conf;
|
|
#modsecurity_rules_file /usr/share/modsecurity-crs/REQUEST-930-APPLICATION-ATTACK-LFI.conf;
|
|
#modsecurity_rules_file /usr/share/modsecurity-crs/REQUEST-931-APPLICATION-ATTACK-RFI.conf;
|
|
#modsecurity_rules_file /usr/share/modsecurity-crs/REQUEST-932-APPLICATION-ATTACK-RCE.conf;
|
|
#modsecurity_rules_file /usr/share/modsecurity-crs/REQUEST-933-APPLICATION-ATTACK-PHP.conf;
|
|
#modsecurity_rules_file /usr/share/modsecurity-crs/REQUEST-941-APPLICATION-ATTACK-XSS.conf;
|
|
#modsecurity_rules_file /usr/share/modsecurity-crs/REQUEST-942-APPLICATION-ATTACK-SQLI.conf;
|
|
#modsecurity_rules_file /usr/share/modsecurity-crs/REQUEST-943-APPLICATION-ATTACK-SESSION-FIXATION.conf;
|
|
#modsecurity_rules_file /usr/share/modsecurity-crs/REQUEST-944-APPLICATION-ATTACK-JAVA.conf;
|
|
#modsecurity_rules_file /usr/share/modsecurity-crs/REQUEST-949-BLOCKING-EVALUATION.conf;
|
|
#modsecurity_rules_file /usr/share/modsecurity-crs/RESPONSE-950-DATA-LEAKAGES.conf;
|
|
#modsecurity_rules_file /usr/share/modsecurity-crs/RESPONSE-951-DATA-LEAKAGES-SQL.conf;
|
|
#modsecurity_rules_file /usr/share/modsecurity-crs/RESPONSE-952-DATA-LEAKAGES-JAVA.conf;
|
|
#modsecurity_rules_file /usr/share/modsecurity-crs/RESPONSE-953-DATA-LEAKAGES-PHP.conf;
|
|
#modsecurity_rules_file /usr/share/modsecurity-crs/RESPONSE-954-DATA-LEAKAGES-IIS.conf;
|
|
#modsecurity_rules_file /usr/share/modsecurity-crs/RESPONSE-959-BLOCKING-EVALUATION.conf;
|
|
#modsecurity_rules_file /usr/share/modsecurity-crs/RESPONSE-980-CORRELATION.conf;
|
|
#modsecurity_rules_file /etc/modsecurity/crs/RESPONSE-999-EXCLUSION-RULES-AFTER-CRS.conf;
|
|
|
|
#
|
|
##https://waf.comodo.com/
|
|
#
|
|
#modsecurity_rules_file /etc/modsecurity/cwaf/rules/00_Init_Initialization.conf;
|
|
#modsecurity_rules_file /etc/modsecurity/cwaf/rules/01_Init_AppsInitialization.conf;
|
|
#modsecurity_rules_file /etc/modsecurity/cwaf/rules/02_Global_Generic.conf;
|
|
#modsecurity_rules_file /etc/modsecurity/cwaf/rules/03_Global_Agents.conf;
|
|
#modsecurity_rules_file /etc/modsecurity/cwaf/rules/04_Global_Domains.conf;
|
|
#modsecurity_rules_file /etc/modsecurity/cwaf/rules/05_Global_Incoming.conf;
|
|
#modsecurity_rules_file /etc/modsecurity/cwaf/rules/06_Global_Backdoor.conf;
|
|
#modsecurity_rules_file /etc/modsecurity/cwaf/rules/07_XSS_XSS.conf;
|
|
#modsecurity_rules_file /etc/modsecurity/cwaf/rules/08_Global_Other.conf;
|
|
#modsecurity_rules_file /etc/modsecurity/cwaf/rules/09_Bruteforce_Bruteforce.conf;
|
|
#modsecurity_rules_file /etc/modsecurity/cwaf/rules/10_HTTP_HTTP.conf;
|
|
#modsecurity_rules_file /etc/modsecurity/cwaf/rules/11_HTTP_HTTPDoS.conf;
|
|
#modsecurity_rules_file /etc/modsecurity/cwaf/rules/12_HTTP_Protocol.conf;
|
|
#modsecurity_rules_file /etc/modsecurity/cwaf/rules/13_HTTP_Request.conf;
|
|
#modsecurity_rules_file /etc/modsecurity/cwaf/rules/14_Outgoing_FilterGen.conf;
|
|
#modsecurity_rules_file /etc/modsecurity/cwaf/rules/15_Outgoing_FilterASP.conf;
|
|
#modsecurity_rules_file /etc/modsecurity/cwaf/rules/16_Outgoing_FilterPHP.conf;
|
|
#modsecurity_rules_file /etc/modsecurity/cwaf/rules/17_Outgoing_FilterSQL.conf;
|
|
#modsecurity_rules_file /etc/modsecurity/cwaf/rules/18_Outgoing_FilterOther.conf;
|
|
#modsecurity_rules_file /etc/modsecurity/cwaf/rules/19_Outgoing_FilterInFrame.conf;
|
|
#modsecurity_rules_file /etc/modsecurity/cwaf/rules/20_Outgoing_FiltersEnd.conf;
|
|
#modsecurity_rules_file /etc/modsecurity/cwaf/rules/21_PHP_PHPGen.conf;
|
|
#modsecurity_rules_file /etc/modsecurity/cwaf/rules/22_SQL_SQLi.conf;
|
|
#modsecurity_rules_file /etc/modsecurity/cwaf/rules/23_ROR_RORGen.conf;
|
|
#modsecurity_rules_file /etc/modsecurity/cwaf/rules/24_Apps_Joomla.conf;
|
|
#modsecurity_rules_file /etc/modsecurity/cwaf/rules/25_Apps_JComponent.conf;
|
|
#modsecurity_rules_file /etc/modsecurity/cwaf/rules/26_Apps_WordPress.conf;
|
|
#modsecurity_rules_file /etc/modsecurity/cwaf/rules/27_Apps_WPPlugin.conf;
|
|
#modsecurity_rules_file /etc/modsecurity/cwaf/rules/28_Apps_WHMCS.conf;
|
|
#modsecurity_rules_file /etc/modsecurity/cwaf/rules/29_Apps_Drupal.conf;
|
|
#modsecurity_rules_file /etc/modsecurity/cwaf/rules/30_Apps_OtherApps.conf;
|
|
#modsecurity_rules_file /etc/modsecurity/cwaf/rules/categories.conf;
|
|
|
|
|
|
#https://github.com/Rev3rseSecurity/wordpress-modsecurity-ruleset
|
|
#modsecurity_rules_file /etc/modsecurity/wordpress-modsecurity-ruleset/01-SETUP.conf;
|
|
#modsecurity_rules_file /etc/modsecurity/wordpress-modsecurity-ruleset/02-INITIALIZATION.conf;
|
|
#modsecurity_rules_file /etc/modsecurity/wordpress-modsecurity-ruleset/03-BRUTEFORCE.conf;
|
|
#modsecurity_rules_file /etc/modsecurity/wordpress-modsecurity-ruleset/04-EVENTS.conf;
|
|
#modsecurity_rules_file /etc/modsecurity/wordpress-modsecurity-ruleset/05-HARDENING.conf;
|