From 2d1be6a3b24ecbe6d77d8eba4fd48545b1ebb159 Mon Sep 17 00:00:00 2001 From: f Date: Wed, 6 Nov 2024 18:00:05 -0300 Subject: [PATCH] feat: modsecurity.conf --- nginx/snippets/modsecurity.conf | 30 ++++++++++++++++++++++++++++++ 1 file changed, 30 insertions(+) create mode 100644 nginx/snippets/modsecurity.conf diff --git a/nginx/snippets/modsecurity.conf b/nginx/snippets/modsecurity.conf new file mode 100644 index 0000000..c256d76 --- /dev/null +++ b/nginx/snippets/modsecurity.conf @@ -0,0 +1,30 @@ +modsecurity on; +modsecurity_rules 'SecRuleEngine On'; +modsecurity_rules 'SecAuditLogFormat JSON'; +modsecurity_rules_file /etc/modsecurity/modsecurity.conf; +modsecurity_rules_file /etc/crs4/crs-setup.conf; +modsecurity_rules_file /etc/crs4/rules/REQUEST-901-INITIALIZATION.conf; +modsecurity_rules_file /etc/crs4/rules/REQUEST-905-COMMON-EXCEPTIONS.conf; +modsecurity_rules_file /etc/crs4/rules/REQUEST-911-METHOD-ENFORCEMENT.conf; +modsecurity_rules_file /etc/crs4/rules/REQUEST-913-SCANNER-DETECTION.conf; +modsecurity_rules_file /etc/crs4/rules/REQUEST-920-PROTOCOL-ENFORCEMENT.conf; +modsecurity_rules_file /etc/crs4/rules/REQUEST-921-PROTOCOL-ATTACK.conf; +modsecurity_rules_file /etc/crs4/rules/REQUEST-922-MULTIPART-ATTACK.conf; +modsecurity_rules_file /etc/crs4/rules/REQUEST-930-APPLICATION-ATTACK-LFI.conf; +modsecurity_rules_file /etc/crs4/rules/REQUEST-931-APPLICATION-ATTACK-RFI.conf; +modsecurity_rules_file /etc/crs4/rules/REQUEST-932-APPLICATION-ATTACK-RCE.conf; +modsecurity_rules_file /etc/crs4/rules/REQUEST-933-APPLICATION-ATTACK-PHP.conf; +modsecurity_rules_file /etc/crs4/rules/REQUEST-934-APPLICATION-ATTACK-GENERIC.conf; +modsecurity_rules_file /etc/crs4/rules/REQUEST-941-APPLICATION-ATTACK-XSS.conf; +modsecurity_rules_file /etc/crs4/rules/REQUEST-942-APPLICATION-ATTACK-SQLI.conf; +modsecurity_rules_file /etc/crs4/rules/REQUEST-943-APPLICATION-ATTACK-SESSION-FIXATION.conf; +modsecurity_rules_file /etc/crs4/rules/REQUEST-944-APPLICATION-ATTACK-JAVA.conf; +modsecurity_rules_file /etc/crs4/rules/REQUEST-949-BLOCKING-EVALUATION.conf; +modsecurity_rules_file /etc/crs4/rules/RESPONSE-950-DATA-LEAKAGES.conf; +modsecurity_rules_file /etc/crs4/rules/RESPONSE-951-DATA-LEAKAGES-SQL.conf; +modsecurity_rules_file /etc/crs4/rules/RESPONSE-952-DATA-LEAKAGES-JAVA.conf; +modsecurity_rules_file /etc/crs4/rules/RESPONSE-953-DATA-LEAKAGES-PHP.conf; +modsecurity_rules_file /etc/crs4/rules/RESPONSE-954-DATA-LEAKAGES-IIS.conf; +modsecurity_rules_file /etc/crs4/rules/RESPONSE-955-WEB-SHELLS.conf; +modsecurity_rules_file /etc/crs4/rules/RESPONSE-959-BLOCKING-EVALUATION.conf; +modsecurity_rules_file /etc/crs4/rules/RESPONSE-980-CORRELATION.conf;