svetogor82 Posted May 22, 2023 Posted May 22, 2023 Доброе время суток у меня есть ложные срабатывание пытаюсь на них сделать исключения и с что то не выходит делаю исключения в nginx location /ocs/v2.php { modsecurity_rules ' SecRuleRemoveById 949110 920170 '; } и всё рано вижу блокировку ---zMWl5NSy---H-- ModSecurity: Warning. Matched "Operator `Rx' with parameter `^0?$' against variable `REQUEST_HEADERS:Content-Length' (Value: `17' ) [file "/etc/nginx/modsec/coreruleset-3.3.4/rules/REQUEST-920-PROTOCOL-ENFORCEMENT.conf"] [line "162"] [id "920170"] [rev ""] [msg "GET or HEAD Request with Body Content"] [data "17"] [severity "2"] [ver "OWASP_CRS/3.3.4"] [maturity "0"] [accuracy "0"] [tag "application-multi"] [tag "language-multi"] [tag "platform-multi"] [tag "attack-protocol"] [tag "paranoia-level/1"] [tag "OWASP_CRS"] [tag "capec/1000/210/272"] [hostname "172.16.1.55"] [uri "/ocs/v2.php/apps/user_status/api/v1/heartbeat"] [unique_id "168473616779.455359"] [ref "o0,3v0,3v468,2"] ModSecurity: Access denied with code 403 (phase 2). Matched "Operator `Ge' with parameter `5' against variable `TX:ANOMALY_SCORE' (Value: `5' ) [file "/etc/nginx/modsec/coreruleset-3.3.4/rules/REQUEST-949-BLOCKING-EVALUATION.conf"] [line "81"] [id "949110"] [rev ""] [msg "Inbound Anomaly Score Exceeded (Total Score: 5)"] [data ""] [severity "2"] [ver "OWASP_CRS/3.3.4"] [maturity "0"] [accuracy "0"] [tag "application-multi"] [tag "language-multi"] [tag "platform-multi"] [tag "attack-generic"] [hostname "172.16.1.55"] [uri "/ocs/v2.php/apps/user_status/api/v1/heartbeat"] [unique_id "168473616779.455359"] [ref ""] подскажите как правильно делать исключения Вставить ник Quote
.png.5d2afa2996cc6a85d0f2c09b92dd0a28.png)
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.