system: Linux mars.sprixweb.com 3.10.0-1160.119.1.el7.x86_64 #1 SMP Tue Jun 4 14:43:51 UTC 2024 x86_64
# ---------------------------------------------------------------
# Comodo ModSecurity Rules
# Copyright (C) 2022 Comodo Security solutions All rights reserved.
#
# The COMODO SECURITY SOLUTIONS Mod Security Rule Set is distributed under
# THE COMODO SECURITY SOLUTIONS END USER LICENSE AGREEMENT,
# Please see the enclosed LICENCE file for full details.
# ---------------------------------------------------------------
# This is a FILE CONTAINING CHANGED or MODIFIED RULES FROM THE:
# OWASP ModSecurity Core Rule Set (CRS)
# ---------------------------------------------------------------
SecRule &TX:ARG_NAME_LENGTH "@eq 1" \
"id:210600,chain,msg:'COMODO WAF: Argument name too long||%{tx.domain}|%{tx.mode}|4',phase:2,block,t:none,rev:1,severity:4,tag:'CWAF',tag:'Request'"
SecRule ARGS_NAMES "@gt %{tx.arg_name_length}" \
"setvar:'tx.points=+%{tx.points_limit1}',t:none,t:length"
SecRule &TX:ARG_LENGTH "@eq 1" \
"id:210610,chain,msg:'COMODO WAF: Argument value too long||%{tx.domain}|%{tx.mode}|4',phase:2,block,t:none,rev:1,severity:4,tag:'CWAF',tag:'Request'"
SecRule ARGS "@gt %{tx.arg_length}" \
"setvar:'tx.points=+%{tx.points_limit1}',t:none,t:length"
SecRule &TX:MAX_NUM_ARGS "@eq 1" \
"id:210620,chain,msg:'COMODO WAF: Too many arguments in request||%{tx.domain}|%{tx.mode}|4',phase:2,block,t:none,rev:1,severity:4,tag:'CWAF',tag:'Request'"
SecRule &ARGS "@gt %{tx.max_num_args}" \
"setvar:'tx.points=+%{tx.points_limit1}',t:none"
SecRule &TX:TOTAL_ARG_LENGTH "@eq 1" \
"id:210630,chain,msg:'COMODO WAF: Total arguments size exceeded||%{tx.domain}|%{tx.mode}|4',phase:2,block,t:none,rev:1,severity:4,tag:'CWAF',tag:'Request'"
SecRule ARGS_COMBINED_SIZE "@gt %{tx.total_arg_length}" \
"setvar:'tx.points=+%{tx.points_limit1}',t:none"
SecRule &TX:MAX_FILE_SIZE "@eq 1" \
"id:210640,chain,msg:'COMODO WAF: Uploaded file size too large||%{tx.domain}|%{tx.mode}|4',phase:1,block,t:none,rev:1,severity:4,tag:'CWAF',tag:'Request'"
SecRule REQUEST_HEADERS:Content-Type "@beginsWith multipart/form-data" \
"chain"
SecRule REQUEST_HEADERS:Content-Length "@gt %{tx.max_file_size}" \
"setvar:'tx.points=+%{tx.points_limit1}',t:none"
SecRule &TX:COMBINED_FILE_SIZES "@eq 1" \
"id:210650,chain,msg:'COMODO WAF: Total uploaded files size too large||%{tx.domain}|%{tx.mode}|4',phase:2,block,t:none,rev:1,severity:4,tag:'CWAF',tag:'Request'"
SecRule FILES_COMBINED_SIZE "@gt %{tx.combined_file_sizes}" \
"setvar:'tx.points=+%{tx.points_limit1}',t:none"