Thread: Modsecurity rules update for 20061111




user name
2006-11-11 16:17:23
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

New Release of GotRoot Web Signatures 

Diff of /etc/modsecurity/apache2-rules.conf


Diff of /etc/modsecurity/blacklist.conf
531c531
< #SecFilterSelective HTTP_Referer|ARGS
"bby.ru"
- ---
> SecFilterSelective HTTP_Referer|ARGS
"bby.rub"
7606d7605
< SecFilterSelective HTTP_Referer|ARGS
BoiseComputerService.com
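
Review bot: The dots in the blacklist patterns of both hunks (bby.ru / bby.rub in 531c531, BoiseComputerService.com in 7606d7605) are unescaped, and SecFilterSelective treats the pattern as an unanchored regular expression, so bby.ru matches "bby", any one character, then "ru" anywhere in the Referer or in any argument, for example ordinary text such as "hobby rules". Escaping the dot (bby\.ru) limits the match to the domain string. The bby.rub spelling on the > side does not look like a domain name and should be confirmed against the intended entry.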


Diff of /etc/modsecurity/proxy.conf


Diff of /etc/modsecurity/rules.conf
38a39,40
> # we exclude GET requests from this because some
(automated)
> # clients supply "text/html" as Content-Type
42,47c44,46
< #Block WebDav PUTS
< #Comment this rule out if you need WebDAV
< SecFilterSelective REQUEST_METHOD "^PUT$"
"id:340002,rev:1,severity:2,msg:'Restricted HTTP
function'"
< 
< #Generic rule for allowed characters, adjust for your
site before activating
< #SecFilterSelective REQUEST_URI
"!^[-a-zA-z0-9.+_/-?=]+$"
"chain,id:390002,rev:1,severity:2,msg:'Restricted HTTP
character set'"
- ---
> #Generic rule for allowed characters, very broken at
the moment, dont use it unless you can fix it
> #Then post your fix eh!
> #SecFilterSelective REQUEST_URI
"!^[-a-zA-z0-9.+_/-?=]+$"
"chain,id:340002,rev:1,severity:2,msg:'Restricted HTTP
character set'"
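
Review bot: The character class [-a-zA-z0-9.+_/-?=] in the commented-out REQUEST_URI rule contains two unintended ranges, which fits the "very broken" comment. A-z also covers [ \ ] ^ _ and the backtick, and /-? is a range from / to ? that admits : ; < = and >. Writing A-Z and dropping the second hyphen, as in [-a-zA-Z0-9.+_/?=], gives the allow-list the rule describes. Two further points: the action list begins with "chain" but no second rule follows it in the hunk, and the > side gives this rule id:340002, the id the PUT rule carries on the < side, while the < side uses id:390002 for it.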
184,185c183
< SecFilterSelective ARGS "(ht|f)tps?:/"  chain
< SecFilterSelective HTTP_Referer
"!/imp/login.php"
- ---
> SecFilterSelective ARGS "(ht|f)tps?:/" 
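
Review bot: The exemption on the < side of this hunk keys on HTTP_Referer, a header the client sets, so the (ht|f)tps?:/ check on ARGS is skipped for any request whose Referer contains /imp/login.php, not only for requests that really come from that page. The > side applies the filter unconditionally, which removes that gap but will match every argument that legitimately carries a URL. A per-location exception in the style exclude.conf already uses (LocationMatch with SecFilterRemove) would scope the exemption by request path instead; that needs an id on this rule, which neither side has. The same applies to the 187,188c185 hunk that follows.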
187,188c185
< SecFilterSelective REQUEST_URI
".php(3|4|5)?(?|&).*=(ht|f)tps?:/"  chain
< SecFilterSelective HTTP_Referer
"!/imp/login.php"
- ---
> SecFilterSelective REQUEST_URI
".php(3|4|5)?(?|&).*=(ht|f)tps?:/" 


Diff of /etc/modsecurity/blacklist2.conf
31d30
< SecFilterSelective THE_REQUEST
"(/|.)molganinovo.ru/"


Diff of /etc/modsecurity/exclude.conf
10a11,12
> # modsecurity is a trademark of Thinking Stone, Ltd.
> #
46,49d47
< <LocationMatch "/admin/main.php">
< 	SecFilterRemove 300013
< </LocationMatch>
< 
85c83
< <LocationMatch "/imp/compose.php">
- ---
> <LocationMatch
"/horde/imp/compose.php">

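Review bot: LocationMatch takes a regular expression, and both paths in the 85c83 hunk are unanchored with an unescaped dot, so the exclusions inside the block also apply to any longer path that merely contains the string; /imp/compose.php as written already matches /horde/imp/compose.php. Anchoring the pattern, e.g. ^/horde/imp/compose\.php$, keeps the exclusion to the one script. The /admin/main.php block in the 46,49d47 hunk has the same form.
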

Diff of /etc/modsecurity/rootkits.conf


Diff of /etc/modsecurity/useragents.conf
13c13
< # Version: N-20061014-01
- ---
> # Version: N-20060907-01
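
Review bot: The version comment reads N-20061014-01 on the < side and N-20060907-01 on the > side, so the file on the > side carries the older date. The message does not say which side is the new release, and that decides whether lines such as the WebDAV PUT rule in rules.conf and the user-agent filter in the next hunk are being added or dropped. Naming the old and new file above each diff would remove the ambiguity.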
232,235d231
< 
< #MS WebDav
< #If you do not allow webdav, this is useful to catch
some webdav PUT attacks
< SecFilterSelective HTTP_USER_AGENT "Microsoft Data
Access Internet Publishing Provider"


Diff of /etc/modsecurity/exclude.conf


Diff of /etc/modsecurity/badips.conf


Diff of /etc/modsecurity/recons.conf


Diff of /etc/modsecurity/jitp.conf
4453,4455d4452
< 
< #
< SecFilterSelective ARG_doc_directory
"(ht|f)tps?:/" 


_______________________________________________
Modsecurity mailing list
Modsecuritygotroot.com
http://lists.gotroot.com/mailman/listinfo/modsecurity