Difference between revisions of "Modsecurity crs 10 config.conf"

From OWASP
Jump to: navigation, search
 
(One intermediate revision by one user not shown)
Line 21: Line 21:
 
  SecTmpDir
 
  SecTmpDir
  
See the [[http://www.modsecurity.org/documentation/modsecurity-apache/2.5.9/modsecurity2-apache-reference.html | ModSecurity Reference Manual]] for directive documentation.
+
See the [http://www.modsecurity.org/documentation/modsecurity-apache/2.5.9/modsecurity2-apache-reference.html | ModSecurity Reference Manual] for directive documentation.
 +
 
 +
{{:Key Project Information:OWASP ModSecurity Core Rule Set Project}}
 +
[[Category:OWASP Project]]
 +
[[Category:OWASP Document]]
 +
[[Category:OWASP Alpha Quality Document]]

Latest revision as of 11:11, 6 August 2009

The data within this conf file may be specified within Apache virtual host containers. The following ModSecurity directives are set within this file -

SecRuleEngine
SecRequestBodyAccess
SecResponseBodyAccess
SecResponseBodyMimeType
SecResponseBodyLimit
SecResponseBodyLimitAction
SecDefaultAction
SecUploadDir
SecUploadKeepFiles
SecAuditEngine
SecAuditLogRelevantStatus
SecAuditLogType
SecAuditLog
SecAuditLogParts
SecCookieFormat
SecRequestBodyInMemoryLimit
SecDebugLog
SecDebugLogLevel
SecTmpDir

See the | ModSecurity Reference Manual for directive documentation.


PROJECT INFORMATION
Project Name OWASP ModSecurity Core Rule Set Project
Short Project Description

The purpose of this project is the documentation and development of the ModSecurity Core Rule Set. Unlike intrusion detection and prevention systems, which rely on signature specific to known vulnerabilities, the Core Rules are based on generic rules in order to provide protection from zero day and unknown vulnerabilities often found in web applications, which are in most cases custom coded.

Key Project Information

Project Leader
Ryan Barnett

Project Contibutors
Brian Rectanus
(add account link, please)

Mailing List
Subscribe here
Use here

License
GNU General Public License

Project Type
Document

Sponsor
BreachSecurityLabs.jpg
Release Status Main Links Related Projects

Apha Quality
Please see here for complete information.

add here.

ModSecurity-Open Source Web Application Firewall
OWASP Securing WebGoat using ModSecurity