From c9bfccc35345ce58fb5774d4b0b6a9868b262c0a Mon Sep 17 00:00:00 2001
From: giorgio <giorgio@13f79535-47bb-0310-9956-ffa450edef68>
Date: Wed, 5 Sep 2012 08:31:30 +0000
Subject: git-svn-id: http://svn.us.apache.org/repos/asf/tuscany@1381061
 13f79535-47bb-0310-9956-ffa450edef68

---
 .../lightweight-sca/patches/modsecurity-crs_2.2.2.patch    | 14 ++++++++++++++
 1 file changed, 14 insertions(+)
 create mode 100644 sca-cpp/branches/lightweight-sca/patches/modsecurity-crs_2.2.2.patch

(limited to 'sca-cpp/branches/lightweight-sca/patches/modsecurity-crs_2.2.2.patch')

diff --git a/sca-cpp/branches/lightweight-sca/patches/modsecurity-crs_2.2.2.patch b/sca-cpp/branches/lightweight-sca/patches/modsecurity-crs_2.2.2.patch
new file mode 100644
index 0000000000..a0935b5bc2
--- /dev/null
+++ b/sca-cpp/branches/lightweight-sca/patches/modsecurity-crs_2.2.2.patch
@@ -0,0 +1,14 @@
+--- base_rules/modsecurity_crs_40_generic_attacks.conf
++++ base_rules/modsecurity_crs_40_generic_attacks.conf
+164,165c164,165
+< SecRule ARGS "(?:ft|htt)ps?.*\?+$" \
+<         "phase:2,rev:'2.2.2',t:none,t:htmlEntityDecode,t:lowercase,capture,ctl:auditLogParts=+E,block,status:501,msg:'Remote File Inclusion Attack',id:'950119',severity:'2',setvar:'tx.msg=%{rule.msg}',setvar:tx.anomaly_score=+%{tx.critical_anomaly_score},setvar:tx.rfi_score=+%{tx.critical_anomaly_score},setvar:tx.%{rule.id}-WEB_ATTACK/RFI-%{matched_var_name}=%{tx.0}"
+---
+> #SecRule ARGS "(?:ft|htt)ps?.*\?+$" \
+> #        "phase:2,rev:'2.2.2',t:none,t:htmlEntityDecode,t:lowercase,capture,ctl:auditLogParts=+E,block,status:501,msg:'Remote File Inclusion Attack',id:'950119',severity:'2',setvar:'tx.msg=%{rule.msg}',setvar:tx.anomaly_score=+%{tx.critical_anomaly_score},setvar:tx.rfi_score=+%{tx.critical_anomaly_score},setvar:tx.%{rule.id}-WEB_ATTACK/RFI-%{matched_var_name}=%{tx.0}"
+--- base_rules/modsecurity_crs_50_outbound.conf
++++ base_rules/modsecurity_crs_50_outbound.conf
+39c39
+< SecRule RESPONSE_BODY "\<\%" "phase:4,rev:'2.2.2',chain,t:none,capture,ctl:auditLogParts=+E,block,msg:'ASP/JSP source code leakage',id:'970903',tag:'LEAKAGE/SOURCE_CODE_ASP_JSP',tag:'WASCTC/WASC-13',tag:'OWASP_TOP_10/A6',tag:'PCI/6.5.6',severity:'3'"
+---
+> #SecRule RESPONSE_BODY "\<\%" "phase:4,rev:'2.2.2',chain,t:none,capture,ctl:auditLogParts=+E,block,msg:'ASP/JSP source code leakage',id:'970903',tag:'LEAKAGE/SOURCE_CODE_ASP_JSP',tag:'WASCTC/WASC-13',tag:'OWASP_TOP_10/A6',tag:'PCI/6.5.6',severity:'3'"
-- 
cgit v1.2.3