您好,欢迎光临本网站![请登录][注册会员]  
文件名称: ModSecurity Reference Manual
  所属分类: Web开发
  开发工具:
  文件大小: 512kb
  下载次数: 0
  上传时间: 2009-09-04
  提 供 者: xti***
 详细说明: Table of Contents Introduction .............................................................................................................................8 HTTP Traffic Logging ................................................................................... ...................8 Real-Time Monitoring and Attack Detection ......................................................................8 Attack Prevention and Just-in-time Patching .......................................................................8 Flexible Rule Engine ........................................................................................................9 Embedded-mode Deployment ...........................................................................................9 Network-based Deployment ..............................................................................................9 Portability ........................................................................................................................9 Licensing .......................................................................................................................10 ModSecurity Core Rules™ ......................................................................................................11 Overview .......................................................................................................................11 Core Rules Content .........................................................................................................11 Installation .............................................................................................................................12 Configuration Directives .........................................................................................................14 SecAction ..................................................................................................................14 SecArgumentSeparator ..........................................................................................14 SecAuditEngine .......................................................................................................15 SecAuditLog .............................................................................................................15 SecAuditLog2 ...........................................................................................................16 SecAuditLogParts ..................................................................................................16 SecAuditLogRelevantStatus ...............................................................................17 1 SecAuditLogStorageDir .......................................................................................18 SecAuditLogType .....................................................................................................18 SecCacheTransformations (Deprecated/Experimental) ..........................................19 SecChrootDir ...........................................................................................................19 SecComponentSignature .......................................................................................20 SecContentInjection ............................................................................................20 SecCookieFormat .....................................................................................................20 SecDataDir ................................................................................................................21 SecDebugLog .............................................................................................................21 SecDebugLogLevel ..................................................................................................21 SecDefaultAction ..................................................................................................22 SecGeoLookupDb .......................................................................................................22 SecGuardianLog .......................................................................................................23 SecMarker ..................................................................................................................23 SecPdfProtect .........................................................................................................24 SecPdfProtectMethod ............................................................................................24 SecPdfProtectSecret ............................................................................................25 SecPdfProtectTimeout ..........................................................................................25 SecPdfProtectTokenName .....................................................................................25 SecRequestBodyAccess ..........................................................................................26 SecRequestBodyLimit ............................................................................................26 SecRequestBodyNoFilesLimit ............................................................................26 SecRequestBodyInMemoryLimit ..........................................................................27 SecResponseBodyLimit ..........................................................................................27 SecResponseBodyLimitAction ............................................................................27 SecResponseBodyMimeType ...................................................................................28 SecResponseBodyMimeTypesClear ......................................................................28 SecResponseBodyAccess .......................................................................................29 SecRule ......................................................................................................................29 SecRuleInheritance ..............................................................................................32 SecRuleEngine .........................................................................................................33 SecRuleRemoveById ................................................................................................33 SecRuleRemoveByMsg ..............................................................................................34 SecRuleScript (Experimental) ..................................................................................34 SecRuleUpdateActionById ...................................................................................36 SecServerSignature ..............................................................................................36 SecTmpDir ..................................................................................................................36 SecUploadDir ...........................................................................................................37 SecUploadFileMode ................................................................................................37 SecUploadKeepFiles ..............................................................................................37 SecWebAppId .............................................................................................................38 Processing Phases ...................................................................................................................39 ModSecurity® Reference Manual 2 Phase Request Headers ...................................................................................................41 Phase Request Body .......................................................................................................41 Phase Response Headers .................................................................................................41 Phase Response Body .....................................................................................................42 Phase Logging ................................................................................................................42 Variables ...............................................................................................................................43 ARGS .............................................................................................................................43 ARGS_COMBINED_SIZE ..............................................................................................44 ARGS_NAMES ................................................................................................................44 ARGS_GET ....................................................................................................................44 ARGS_GET_NAMES .......................................................................................................44 ARGS_POST ..................................................................................................................44 ARGS_POST_NAMES .....................................................................................................44 AUTH_TYPE ..................................................................................................................44 ENV ...............................................................................................................................45 FILES ...........................................................................................................................45 FILES_COMBINED_SIZE ............................................................................................45 FILES_NAMES .............................................................................................................45 FILES_SIZES .............................................................................................................45 FILES_TMPNAMES .......................................................................................................45 GEO ...............................................................................................................................46 HIGHEST_SEVERITY ..................................................................................................46 MATCHED_VAR .............................................................................................................46 MATCHED_VAR_NAME ..................................................................................................47 MODSEC_BUILD ...........................................................................................................47 MULTIPART_CRLF_LF_LINES ...................................................................................47 MULTIPART_STRICT_ERROR .....................................................................................47 MULTIPART_UNMATCHED_BOUNDARY ........................................................................48 PATH_INFO ..................................................................................................................48 QUERY_STRING ...........................................................................................................48 REMOTE_ADDR .............................................................................................................49 REMOTE_HOST .............................................................................................................49 REMOTE_PORT .............................................................................................................49 REMOTE_USER .............................................................................................................49 REQBODY_PROCESSOR ................................................................................................49 REQBODY_PROCESSOR_ERROR ...................................................................................50 REQBODY_PROCESSOR_ERROR_MSG ..........................................................................50 REQUEST_BASENAME ..................................................................................................50 REQUEST_BODY ...........................................................................................................50 REQUEST_COOKIES .....................................................................................................51 REQUEST_COOKIES_NAMES .......................................................................................51 REQUEST_FILENAME ..................................................................................................51 ModSecurity® Reference Manual 3 REQUEST_HEADERS .....................................................................................................51 REQUEST_HEADERS_NAMES .......................................................................................52 REQUEST_LINE ...........................................................................................................52 REQUEST_METHOD .......................................................................................................52 REQUEST_PROTOCOL ..................................................................................................52 REQUEST_URI .............................................................................................................52 REQUEST_URI_RAW .....................................................................................................53 RESPONSE_BODY .........................................................................................................53 RESPONSE_CONTENT_LENGTH ...................................................................................53 RESPONSE_CONTENT_TYPE .......................................................................................53 RESPONSE_HEADERS ..................................................................................................53 RESPONSE_HEADERS_NAMES .....................................................................................54 RESPONSE_PROTOCOL ................................................................................................54 RESPONSE_STATUS .....................................................................................................54 RULE .............................................................................................................................54 SCRIPT_BASENAME .....................................................................................................55 SCRIPT_FILENAME .....................................................................................................55 SCRIPT_GID ................................................................................................................55 SCRIPT_GROUPNAME ..................................................................................................55 SCRIPT_MODE .............................................................................................................55 SCRIPT_UID ................................................................................................................56 SCRIPT_USERNAME .....................................................................................................56 SERVER_ADDR .............................................................................................................56 SERVER_NAME .............................................................................................................56 SERVER_PORT .............................................................................................................56 SESSION ......................................................................................................................56 SESSIONID ..................................................................................................................57 TIME .............................................................................................................................57 TIME_DAY ....................................................................................................................57 TIME_EPOCH ................................................................................................................57 TIME_HOUR ..................................................................................................................57 TIME_MIN ....................................................................................................................58 TIME_MON ....................................................................................................................58 TIME_SEC ....................................................................................................................58 TIME_WDAY ..................................................................................................................58 TIME_YEAR ..................................................................................................................58 TX ................................................................................................................................58 USERID ........................................................................................................................59 WEBAPPID ....................................................................................................................59 WEBSERVER_ERROR_LOG ............................................................................................59 XML ...............................................................................................................................59 Transformation functions ........................................................................................................60 ModSecurity® Reference Manual 4 base64Decode ...........................................................................................................61 base64Encode ...........................................................................................................61 compressWhitespace ..............................................................................................61 cssDecode ......................................................................................................................61 escapeSeqDecode .....................................................................................................62 hexDecode ..................................................................................................................62 hexEncode ..................................................................................................................62 htmlEntityDecode ..................................................................................................62 jsDecode ....................................................................................................................62 length ........................................................................................................................62 lowercase ..................................................................................................................62 md5 ...............................................................................................................................63 none .............................................................................................................................63 normalisePath .........................................................................................................63 normalisePathWin ..................................................................................................63 parityEven7bit .......................................................................................................63 parityOdd7bit .........................................................................................................63 parityZero7bit .......................................................................................................63 removeNulls .............................................................................................................63 removeWhitespace ..................................................................................................63 replaceComments .....................................................................................................63 replaceNulls ...........................................................................................................64 urlDecode ..................................................................................................................64 urlDecodeUni ...........................................................................................................64 urlEncode ..................................................................................................................64 sha1 .............................................................................................................................64 trimLeft ....................................................................................................................64 trimRight ..................................................................................................................64 trim .............................................................................................................................64 Actions .................................................................................................................................65 allow ...........................................................................................................................65 append ...........................................................................................................................66 auditlog ....................................................................................................................66 block ...........................................................................................................................67 capture ......................................................................................................................67 chain ...........................................................................................................................68 ctl ...............................................................................................................................68 deny .............................................................................................................................69 deprecatevar ...........................................................................................................69 drop .............................................................................................................................70 exec .............................................................................................................................70 expirevar ..................................................................................................................71 ModSecurity® Reference Manual 5 id ................................................................................................................................71 initcol ......................................................................................................................72 log ...............................................................................................................................72 logdata ......................................................................................................................72 msg ...............................................................................................................................73 multiMatch ................................................................................................................73 noauditlog ................................................................................................................73 nolog ...........................................................................................................................74 pass .............................................................................................................................74 pause ...........................................................................................................................74 phase ...........................................................................................................................75 prepend ..........................................................................................................................75 proxy ...........................................................................................................................75 redirect ....................................................................................................................76 rev ...............................................................................................................................76 sanitiseArg .............................................................................................................76 sanitiseMatched .....................................................................................................76 sanitiseRequestHeader .......................................................................................77 sanitiseResponseHeader .....................................................................................77 severity ....................................................................................................................77 setuid ........................................................................................................................78 setsid ........................................................................................................................78 setenv ........................................................................................................................78 setvar ........................................................................................................................79 skip .............................................................................................................................79 skipAfter ..................................................................................................................80 status ........................................................................................................................80 t ..................................................................................................................................81 tag ...............................................................................................................................81 xmlns ...........................................................................................................................81 Operators ...............................................................................................................................82 beginsWith ................................................................................................................82 contains ....................................................................................................................82 endsWith ....................................................................................................................82 eq ................................................................................................................................82 ge ................................................................................................................................83 geoLookup ..................................................................................................................83 gt ................................................................................................................................83 inspectFile .............................................................................................................83 le ................................................................................................................................84 lt ................................................................................................................................84 pm ................................................................................................................................84 ModSecurity® Reference Manual 6 pmFromFile ................................................................................................................84 rbl ...............................................................................................................................85 rx ................................................................................................................................85 streq ...........................................................................................................................85 validateByteRange ................................................................................................86 validateDTD .............................................................................................................86 validateSchema .......................................................................................................86 validateUrlEncoding ............................................................................................87 validateUtf8Encoding ..........................................................................................87 verifyCC ....................................................................................................................88 within ........................................................................................................................88 Macro Expansion ....................................................................................................................89 Persistant Storage ...................................................................................................................90 Miscellaneous Topics ..............................................................................................................91 Impedance Mismatch ......................................................................................................91 ...展开收缩
(系统自动生成,下载前可以参看下载内容)

下载文件列表

相关说明

  • 本站资源为会员上传分享交流与学习,如有侵犯您的权益,请联系我们删除.
  • 本站是交换下载平台,提供交流渠道,下载内容来自于网络,除下载问题外,其它问题请自行百度
  • 本站已设置防盗链,请勿用迅雷、QQ旋风等多线程下载软件下载资源,下载后用WinRAR最新版进行解压.
  • 如果您发现内容无法下载,请稍后再次尝试;或者到消费记录里找到下载记录反馈给我们.
  • 下载后发现下载的内容跟说明不相乎,请到消费记录里找到下载记录反馈给我们,经确认后退回积分.
  • 如下载前有疑问,可以通过点击"提供者"的名字,查看对方的联系方式,联系对方咨询.
 相关搜索: ModSecurity Reference Manual
 输入关键字,在本站1000多万海量源码库中尽情搜索: