ï»¿
Your IP : 216.73.216.95

Current Path : /usr/share/modsecurity-crs.bk/util/debug/
Current File : //usr/share/modsecurity-crs.bk/util/debug/RESPONSE-981-DEBUG.conf
#
# -- [[ Debug Mode ]] ----------------------------------------------------------
#
# To enable rule development and debugging, CRS has an optional debug mode
# that does not block a request, but instead sends detection information
# back to the HTTP client.
#
# This functionality is currently only supported with the Apache web server.
# The Apache mod_headers module is required.
#
# In debug mode, the webserver inserts "X-WAF-Events" / "X-WAF-Score"
# response headers whenever a debug client makes a request. Example:
#
#   # curl -v 'http://192.168.1.100/?foo=../etc/passwd'
#   X-WAF-Events: TX:930110-OWASP_CRS/WEB_ATTACK/DIR_TRAVERSAL-REQUEST_URI,
#                TX:930120-OWASP_CRS/WEB_ATTACK/FILE_INJECTION-ARGS:foo,
#                TX:932160-OWASP_CRS/WEB_ATTACK/RCE-ARGS:foo
#   X-WAF-Score: Total=15; sqli=0; xss=0; rfi=0; lfi=10; rce=5; php=0; http=0; ses=0
#
# To enable debug mode, see the section "Debug Mode" in crs-setup.conf.
#
SecRule &TX:CRS_DEBUG_MODE|TX:CRS_DEBUG_MODE "@eq 0" \
	"phase:4,\
	t:none,\
	nolog,\
	id:981228,\
	pass,\
	skipAfter:END_RESPONSE_HEADER_TAGGING"

SecRule TX:ANOMALY_SCORE "@eq 0" \
	"phase:4,\
	id:981229,\
	t:none,\
	nolog,\
	pass,\
	skipAfter:END_RESPONSE_HEADER_TAGGING"

SecRule TX:/^\d*\-/ "." \
	"phase:4,\
	id:981230,\
	t:none,\
	nolog,\
	pass,\
	setvar:tx.counter=+1,\
	setenv:matched_rule-%{tx.counter}=%{matched_var_name},\
	setenv:anomaly_score=%{tx.anomaly_score},\
	setenv:sql_injection_score=%{tx.sql_injection_score},\
	setenv:xss_score=%{tx.xss_score},\
	setenv:rfi_score=%{tx.rfi_score},\
	setenv:lfi_score=%{tx.lfi_score},\
	setenv:rce_score=%{tx.rce_score},\
	setenv:php_injection_score=%{tx.php_injection_score},\
	setenv:http_violation_score=%{tx.http_violation_score},\
	setenv:session_fixation_score=%{tx.session_fixation_score}"

Header append X-WAF-Events "%{matched_rule-1}e" env=matched_rule-1
Header append X-WAF-Events "%{matched_rule-2}e" env=matched_rule-2
Header append X-WAF-Events "%{matched_rule-3}e" env=matched_rule-3
Header append X-WAF-Events "%{matched_rule-4}e" env=matched_rule-4
Header append X-WAF-Events "%{matched_rule-5}e" env=matched_rule-5
Header append X-WAF-Events "%{matched_rule-6}e" env=matched_rule-6
Header append X-WAF-Events "%{matched_rule-7}e" env=matched_rule-7
Header append X-WAF-Events "%{matched_rule-8}e" env=matched_rule-8
Header append X-WAF-Events "%{matched_rule-9}e" env=matched_rule-9
Header append X-WAF-Events "%{matched_rule-10}e" env=matched_rule-10
Header append X-WAF-Events "%{matched_rule-11}e" env=matched_rule-11
Header append X-WAF-Events "%{matched_rule-12}e" env=matched_rule-12
Header append X-WAF-Events "%{matched_rule-13}e" env=matched_rule-13
Header append X-WAF-Events "%{matched_rule-14}e" env=matched_rule-14
Header append X-WAF-Events "%{matched_rule-15}e" env=matched_rule-15
Header append X-WAF-Events "%{matched_rule-16}e" env=matched_rule-16
Header append X-WAF-Events "%{matched_rule-17}e" env=matched_rule-17
Header append X-WAF-Events "%{matched_rule-18}e" env=matched_rule-18
Header append X-WAF-Events "%{matched_rule-19}e" env=matched_rule-19
Header append X-WAF-Events "%{matched_rule-20}e" env=matched_rule-20

Header set X-WAF-Score "Total=%{anomaly_score}e; sqli=%{sql_injection_score}e; xss=%{xss_score}e; rfi=%{rfi_score}e; lfi=%{lfi_score}e; rce=%{rce_score}e; php=%{php_injection_score}e; http=%{http_violation_score}e; ses=%{session_fixation_score}e" env=anomaly_score

SecMarker END_RESPONSE_HEADER_TAGGING