web-master
March 5th, 2017, 11:48
Hello,
In the ModSecurity Vendors section, I set up the OWASP rules. But I feel it enforces a high level of strictness, and many ordinary visitors get blocked.
Do you have a way to balance these rules?
Which rules should I disable?
modsecurity_crs_10_setup.conf (https://go.cpanel.net/OWASP-modsecurity-crs-10-setup-conf)
rules/REQUEST-01-COMMON-EXCEPTIONS.conf (https://go.cpanel.net/OWASP-rules-REQUEST-01-COMMON-EXCEPTIONS-conf)
rules/REQUEST-10-IP-REPUTATION.conf (https://go.cpanel.net/OWASP-rules-REQUEST-10-IP-REPUTATION-conf)
rules/REQUEST-12-DOS-PROTECTION.conf (https://go.cpanel.net/OWASP-rules-REQUEST-12-DOS-PROTECTION-conf)
rules/REQUEST-13-SCANNER-DETECTION.conf (https://go.cpanel.net/OWASP-rules-REQUEST-13-SCANNER-DETECTION-conf)
rules/REQUEST-20-PROTOCOL-ENFORCEMENT.conf (https://go.cpanel.net/OWASP-rules-REQUEST-20-PROTOCOL-ENFORCEMENT-conf)
rules/REQUEST-21-PROTOCOL-ATTACK.conf (https://go.cpanel.net/OWASP-rules-REQUEST-21-PROTOCOL-ATTACK-conf)
rules/REQUEST-30-APPLICATION-ATTACK-LFI.conf (https://go.cpanel.net/OWASP-rules-REQUEST-30-APPLICATION-ATTACK-LFI-conf)
rules/REQUEST-31-APPLICATION-ATTACK-RFI.conf (https://go.cpanel.net/OWASP-rules-REQUEST-31-APPLICATION-ATTACK-RFI-conf)
rules/REQUEST-33-APPLICATION-ATTACK-PHP.conf (https://go.cpanel.net/OWASP-rules-REQUEST-33-APPLICATION-ATTACK-PHP-conf)
rules/REQUEST-41-APPLICATION-ATTACK-XSS.conf (https://go.cpanel.net/OWASP-rules-REQUEST-41-APPLICATION-ATTACK-XSS-conf)
rules/REQUEST-42-APPLICATION-ATTACK-SQLI.conf (https://go.cpanel.net/OWASP-rules-REQUEST-42-APPLICATION-ATTACK-SQLI-conf)
rules/REQUEST-43-APPLICATION-ATTACK-SESSION-FIXATION.conf (https://go.cpanel.net/OWASP-rules-REQUEST-43-APPLICATION-ATTACK-SESSION-FIXATION-conf)
rules/REQUEST-49-BLOCKING-EVALUATION.conf (https://go.cpanel.net/OWASP-rules-REQUEST-49-BLOCKING-EVALUATION-conf)
rules/RESPONSE-50-DATA-LEAKAGES-IIS.conf (https://go.cpanel.net/OWASP-rules-RESPONSE-50-DATA-LEAKAGES-IIS-conf)
rules/RESPONSE-50-DATA-LEAKAGES-JAVA.conf (https://go.cpanel.net/OWASP-rules-RESPONSE-50-DATA-LEAKAGES-JAVA-conf)
rules/RESPONSE-50-DATA-LEAKAGES-PHP.conf (https://go.cpanel.net/OWASP-rules-RESPONSE-50-DATA-LEAKAGES-PHP-conf)
rules/RESPONSE-50-DATA-LEAKAGES.conf (https://go.cpanel.net/OWASP-rules-RESPONSE-50-DATA-LEAKAGES-conf)
rules/RESPONSE-51-DATA-LEAKAGES-SQL.conf (https://go.cpanel.net/OWASP-rules-RESPONSE-51-DATA-LEAKAGES-SQL-conf)
rules/RESPONSE-59-BLOCKING-EVALUATION.conf (https://go.cpanel.net/OWASP-rules-RESPONSE-59-BLOCKING-EVALUATION-conf)
rules/RESPONSE-80-CORRELATION.conf (https://go.cpanel.net/OWASP-rules-RESPONSE-80-CORRELATION-conf)
Thanks