Dirk Caspari | 8 May 15:45

Rule-Syntax for multiple Checks ?

Hello,

I need help to create a positive Rule (allow) with multiple Checks.
All the "CHAIN" examples I found were only with ONE additional Check.

How can I work with multiple Checks in one Rule?

I want to ALLOW this REQUEST => if the URL and the Parameter-Syntax are correct!
Examples:
https://XXXXXXX.XXXXXXX.de/eddfue/getMT940?berater=3
or
https://XXXXXXX.XXXXXXX.de/eddfue/getMT940?berater=3&from=2008-05-05
or
https://XXXXXXX.XXXXXXX.de/eddfue/getMT940?from=2008-05-05
.
.

I've configured something like this (!!! but it doesn't work !!!)

SecRule REQUEST_URI "^/eddfue/(get|list)MT940" "phase:2,chain,allow,msg:'VALID URL',id:'ed-15-004',severity:'7'"
SecRule ARGS_GET:from "^\d{4}-\d{2}-\d{2}$" "chain"
SecRule ARGS_GET:berater "^\d+$" "chain"
SecRule ARGS_GET:to "^\d{4}-\d{2}-\d{2}$"

What's wrong ?

ModSecurity Version: 2.5.2
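
Added example, not part of the original post and not ModSecurity project code: in ModSecurity 2.x a chain fires only when every rule in it matches, and a rule whose target (for instance ARGS_GET:to) is absent from the request has nothing to inspect and does not match, so a chain over all three parameters requires all three to be present. One way to treat the parameters as optional is to deny on each violation and allow whatever remains; the numeric ids, the 403 status and the end-anchored URI pattern are assumptions of this sketch.

```apache
# Added example. Ids 100001-100005 are constructed placeholders.
# REQUEST_URI includes the query string, so the path is closed with (\?|$)
# to keep /eddfue/getMT940something from being covered by the final allow.

# 1. Reject any query parameter name other than the three expected ones.
#    A negated operator on a collection matches if ANY element fails it.
SecRule REQUEST_URI "^/eddfue/(get|list)MT940(\?|$)" \
    "phase:2,chain,deny,status:403,id:100001,msg:'Unexpected parameter name'"
SecRule ARGS_GET_NAMES "!^(berater|from|to)$"

# 2-4. Validate each parameter only when it is present. If the parameter is
#      missing, the second rule has no target, the chain does not complete,
#      and nothing is denied. An empty value (from=) is present and fails.
SecRule REQUEST_URI "^/eddfue/(get|list)MT940(\?|$)" \
    "phase:2,chain,deny,status:403,id:100002,msg:'Invalid berater'"
SecRule ARGS_GET:berater "!^\d+$"

SecRule REQUEST_URI "^/eddfue/(get|list)MT940(\?|$)" \
    "phase:2,chain,deny,status:403,id:100003,msg:'Invalid from date'"
SecRule ARGS_GET:from "!^\d{4}-\d{2}-\d{2}$"

SecRule REQUEST_URI "^/eddfue/(get|list)MT940(\?|$)" \
    "phase:2,chain,deny,status:403,id:100004,msg:'Invalid to date'"
SecRule ARGS_GET:to "!^\d{4}-\d{2}-\d{2}$"

# 5. Whatever reached this point passed every check: allow it and skip the
#    remaining rules, as the original 'VALID URL' rule intended.
SecRule REQUEST_URI "^/eddfue/(get|list)MT940(\?|$)" \
    "phase:2,allow,id:100005,msg:'VALID URL'"
```

The order matters: the deny rules must come before the allow, and a request carrying none of the three parameters also reaches rule 5.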
