Last active
February 9, 2024 21:08
Regression test cases for ModSecurity issue #3053
[ | |
{ | |
"enabled":1, | |
"version_min":300000, | |
"title":"Testing CtlRuleRemoteById (1) - issue 3053", | |
"expected":{ | |
"debug_log": "Rule id: 2 was skipped due to a ruleRemoveById action...", | |
"http_code": 403 | |
}, | |
"client":{ | |
"ip":"200.249.12.31", | |
"port":123 | |
}, | |
"request":{ | |
"headers":{ | |
"Host":"localhost", | |
"User-Agent":"curl/7.38.0", | |
"Accept":"*/*" | |
}, | |
"uri":"/wp-login.php?whee&pwd=lhebs", | |
"method":"GET", | |
"body": [ ] | |
}, | |
"server":{ | |
"ip":"200.249.12.31", | |
"port":80 | |
}, | |
"rules":[ | |
"SecRuleEngine On", | |
"SecRule REQUEST_HEADERS:Host \"!@streq example.com\" \"id:1,phase:1,pass,t:none,nolog,ctl:ruleRemoveById=2\"", | |
"SecRule REQUEST_FILENAME \"@unconditionalMatch\" \"id:2,phase:1,pass,t:none,nolog,ctl:ruleRemoveByTag=OWASP_CRS\"", | |
"SecRule ARGS_NAMES \"@contains whe\" \"id:3,phase:1,t:none,nolog,deny,tag:'OWASP_CRS'\"" | |
] | |
}, | |
{ | |
"enabled":1, | |
"version_min":300000, | |
"title":"Testing CtlRuleRemoteById (2) - issue 3053", | |
"expected":{ | |
"debug_log": "Skipped rule id '3'. Skipped due to a ruleRemoveByTag action.", | |
"http_code": 200 | |
}, | |
"client":{ | |
"ip":"200.249.12.31", | |
"port":123 | |
}, | |
"request":{ | |
"headers":{ | |
"Host":"example.com", | |
"User-Agent":"curl/7.38.0", | |
"Accept":"*/*" | |
}, | |
"uri":"/wp-login.php?whee&pwd=lhebs", | |
"method":"GET", | |
"body": [ ] | |
}, | |
"server":{ | |
"ip":"200.249.12.31", | |
"port":80 | |
}, | |
"rules":[ | |
"SecRuleEngine On", | |
"SecRule REQUEST_HEADERS:Host \"!@streq example.com\" \"id:1,phase:1,pass,t:none,nolog,ctl:ruleRemoveById=2\"", | |
"SecRule REQUEST_FILENAME \"@unconditionalMatch\" \"id:2,phase:1,pass,t:none,nolog,ctl:ruleRemoveByTag=OWASP_CRS\"", | |
"SecRule ARGS_NAMES \"@contains whe\" \"id:3,phase:1,t:none,nolog,deny,tag:'OWASP_CRS'\"" | |
] | |
}, | |
{ | |
"enabled":1, | |
"version_min":300000, | |
"title":"Testing CtlRuleRemoteById (3) - issue 3053", | |
"expected":{ | |
"http_code": 403 | |
}, | |
"client":{ | |
"ip":"200.249.12.31", | |
"port":123 | |
}, | |
"request":{ | |
"headers":{ | |
"Host":"localhost", | |
"User-Agent":"curl/7.38.0", | |
"Accept":"*/*" | |
}, | |
"uri":"/wp-login.php?whee&pwd=lhebs", | |
"method":"GET", | |
"body": [ ] | |
}, | |
"server":{ | |
"ip":"200.249.12.31", | |
"port":80 | |
}, | |
"rules":[ | |
"SecRuleEngine On", | |
"SecRule REQUEST_HEADERS:Host \"!@streq example.com\" \"id:1,phase:1,pass,t:none,log,msg:'This is rule id 1',ctl:ruleRemoveById=2\"", | |
"SecAction \"id:2,phase:1,pass,t:none,log,msg:'This is rule id 2',ctl:ruleRemoveByTag=OWASP_CRS\"", | |
"SecRule ARGS_NAMES \"@contains whe\" \"id:3,phase:1,t:none,log,msg:'This is rule id 3',deny,tag:'OWASP_CRS'\"" | |
] | |
}, | |
{ | |
"enabled":1, | |
"version_min":300000, | |
"title":"Testing CtlRuleRemoteById (4) - issue 3053", | |
"expected":{ | |
"http_code": 200 | |
}, | |
"client":{ | |
"ip":"200.249.12.31", | |
"port":123 | |
}, | |
"request":{ | |
"headers":{ | |
"Host":"example.com", | |
"User-Agent":"curl/7.38.0", | |
"Accept":"*/*" | |
}, | |
"uri":"/wp-login.php?whee&pwd=lhebs", | |
"method":"GET", | |
"body": [ ] | |
}, | |
"server":{ | |
"ip":"200.249.12.31", | |
"port":80 | |
}, | |
"rules":[ | |
"SecRuleEngine On", | |
"SecRule REQUEST_HEADERS:Host \"!@streq example.com\" \"id:1,phase:1,pass,t:none,log,msg:'This is rule id 1',ctl:ruleRemoveById=2\"", | |
"SecAction \"id:2,phase:1,pass,t:none,log,msg:'This is rule id 2',ctl:ruleRemoveByTag=OWASP_CRS\"", | |
"SecRule ARGS_NAMES \"@contains whe\" \"id:3,phase:1,t:none,log,msg:'This is rule id 3',deny,tag:'OWASP_CRS'\"" | |
] | |
} | |
] |