【发布时间】:2011-10-14 20:11:15
【问题描述】:
Modsecurity 问题...
REQUEST_METHOD 测试在下面做什么?它出现了两次。
SecRule REQUEST_METHOD "!^OPTIONS$" "t:none"
SecRule &REQUEST_HEADERS:Accept "@eq 0" \
"chain,phase:2,skip:1,t:none,deny,log,auditlog,status:400,msg:'Request Missing an Accept Header', severity:'2',id:'960015',tag:'PROTOCOL_VIOLATION/MISSING_HEADER'"
SecRule REQUEST_METHOD "!^OPTIONS$" "t:none"
SecRule REQUEST_HEADERS:Accept "^$" \
"chain,phase:2,t:none,deny,log,auditlog,status:400,msg:'Request Missing an Accept Header', severity:'2',id:'960015',tag:'PROTOCOL_VIOLATION/MISSING_HEADER'"
SecRule REQUEST_METHOD "!^OPTIONS$" "t:none"
SecRule &REQUEST_HEADERS:User-Agent "@eq 0" \
"skip:1,phase:2,t:none,deny,log,auditlog,status:400,msg:'Request Missing a User Agent Header',id:'960009',tag:'PROTOCOL_VIOLATION/MISSING_HEADER',severity:'4'"
SecRule REQUEST_HEADERS:User-Agent "^$" \
"t:none,deny,log,auditlog,status:400,msg:'Request Missing a User Agent Header',id:'960009',tag:'PROTOCOL_VIOLATION/MISSING_HEADER',severity:'4'"
SecMarker 969999
请不要解释整个事情,我可以阅读其他所有内容。看起来REQUEST_METHOD 测试不过是某种巫术......
顺便说一句,Accept 的测试是错误的。根据 HTTP,Accept 选项不是强制性的。
【问题讨论】:
-
今天在阅读文档时,我了解到 REQUEST_HEADERS 等名称前的 & 字符用于获取集合中的计数。仍然想知道似乎是链条一部分的选项。