8000 Update version strings to 3.4.0-dev by lifeforms · Pull Request #2100 · coreruleset/coreruleset · GitHub
[go: up one dir, main page]
More Web Proxy on the site http://driver.im/
Skip to content

Update version strings to 3.4.0-dev #2100

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Merged
merged 2 commits into from
May 24, 2021
Merged

Update version strings to 3.4.0-dev #2100

Show file tree
Hide file tree
Changes from all commits
Commits
Show all changes
2 commits
Select commit Hold shift + click to select a range
d36cee3
update version strings to 3.4.0-dev
lifeforms May 24, 2021
d3bdf6c
update version in .example files
lifeforms May 24, 2021
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
14 changes: 7 additions & 7 deletions crs-setup.conf.example
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -1,5 +1,5 @@
# ------------------------------------------------------------------------
# OWASP ModSecurity Core Rule Set ver.3.3.0
# OWASP ModSecurity Core Rule Set ver.3.4.0-dev
# Copyright (c) 2006-2020 Trustwave and contributors. All rights reserved.
#
# The OWASP ModSecurity Core Rule Set is distributed under
Expand Down Expand Up @@ -851,9 +851,9 @@ SecCollectionTimeout 600
# E.g., v3.0.0 is represented as 300.
#
SecAction \
"id:900990,\
phase:1,\
nolog,\
pass,\
t:none,\
setvar:tx.crs_setup_version=330"
"id:900990,\
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Haha, msc_pyparser have set the indent :)

phase:1,\
nolog,\
pass,\
t:none,\
setvar:tx.crs_setup_version=340"
2 changes: 1 addition & 1 deletion rules/REQUEST-900-EXCLUSION-RULES-BEFORE-CRS.conf.example
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -1,5 +1,5 @@
# ------------------------------------------------------------------------
# OWASP ModSecurity Core Rule Set ver.3.3.0
# OWASP ModSecurity Core Rule Set ver.3.4.0-dev
# Copyright (c) 2006-2020 Trustwave and contributors. All rights reserved.
#
# The OWASP ModSecurity Core Rule Set is distributed under
Expand Down
70 changes: 35 additions & 35 deletions rules/REQUEST-901-INITIALIZATION.conf
View file
Open in desktop
10000 < 84D8 /tr>
Original file line number Diff line number Diff line change
@@ -1,5 +1,5 @@
# ------------------------------------------------------------------------
# OWASP ModSecurity Core Rule Set ver.3.3.0
# OWASP ModSecurity Core Rule Set ver.3.4.0-dev
# Copyright (c) 2006-2020 Trustwave and contributors. All rights reserved.
#
# The OWASP ModSecurity Core Rule Set is distributed under
Expand All @@ -25,7 +25,7 @@
#
# Ref: https://github.com/SpiderLabs/ModSecurity/wiki/Reference-Manual#wiki-SecComponentSignature
#
SecComponentSignature "OWASP_CRS/3.3.0"
SecComponentSignature "OWASP_CRS/3.4.0-dev"

#
# -=[ Default setup values ]=-
Expand Down Expand Up @@ -58,7 +58,7 @@ SecRule &TX:crs_setup_version "@eq 0" \
log,\
auditlog,\
msg:'ModSecurity Core Rule Set is deployed without configuration! Please copy the crs-setup.conf.example template to crs-setup.conf, and include the crs-setup.conf file in your webserver configuration before including the CRS rules. See the INSTALL file in the CRS directory for detailed instructions',\
ver:'OWASP_CRS/3.3.0',\
ver:'OWASP_CRS/3.4.0-dev',\
severity:'CRITICAL'"


Expand All @@ -76,7 +76,7 @@ SecRule &TX:inbound_anomaly_score_threshold "@eq 0" \
phase:1,\
pass,\
nolog,\
ver:'OWASP_CRS/3.3.0',\
ver:'OWASP_CRS/3.4.0-dev',\
setvar:'tx.inbound_anomaly_score_threshold=5'"

# Default Outbound Anomaly Threshold Level (rule 900110 in setup.conf)
Expand All @@ -85,7 +85,7 @@ SecRule &TX:outbound_anomaly_score_threshold "@eq 0" \
phase:1,\
pass,\
nolog,\
ver:'OWASP_CRS/3.3.0',\
ver:'OWASP_CRS/3.4.0-dev',\
setvar:'tx.outbound_anomaly_score_threshold=4'"

# Default Blocking Early (rule 900120 in setup.conf)
Expand All @@ -94,7 +94,7 @@ SecRule &TX:blocking_early "@eq 0" \
phase:1,\
pass,\
nolog,\
ver:'OWASP_CRS/3.3.0',\
ver:'OWASP_CRS/3.4.0-dev',\
setvar:'tx.blocking_early=0'"

# Default Paranoia Level (rule 900000 in setup.conf)
Expand All @@ -103,7 +103,7 @@ SecRule &TX:paranoia_level "@eq 0" \
phase:1,\
pass,\
nolog,\
ver:'OWASP_CRS/3.3.0',\
ver:'OWASP_CRS/3.4.0-dev',\
setvar:'tx.paranoia_level=1'"

# Default Executing Paranoia Level (rule 900000 in setup.conf)
Expand All @@ -112,7 +112,7 @@ SecRule &TX:executing_paranoia_level "@eq 0" \
phase:1,\
pass,\
nolog,\
ver:'OWASP_CRS/3.3.0',\
ver:'OWASP_CRS/3.4.0-dev',\
setvar:'tx.executing_paranoia_level=%{TX.PARANOIA_LEVEL}'"

# Default Sampling Percentage (rule 900400 in setup.conf)
Expand All @@ -121,7 +121,7 @@ SecRule &TX:sampling_percentage "@eq 0" \
phase:1,\
pass,\
nolog,\
ver:'OWASP_CRS/3.3.0',\
ver:'OWASP_CRS/3.4.0-dev',\
setvar:'tx.sampling_percentage=100'"

# Default Anomaly Scores (rule 900100 in setup.conf)
Expand All @@ -130,31 +130,31 @@ SecRule &TX:critical_anomaly_score "@eq 0" \
phase:1,\
pass,\
nolog,\
ver:'OWASP_CRS/3.3.0',\
ver:'OWASP_CRS/3.4.0-dev',\
setvar:'tx.critical_anomaly_score=5'"

SecRule &TX:error_anomaly_score "@eq 0" \
"id:901141,\
phase:1,\
pass,\
nolog,\
ver:'OWASP_CRS/3.3.0',\
ver:'OWASP_CRS/3.4.0-dev',\
setvar:'tx.error_anomaly_score=4'"

SecRule &TX:warning_anomaly_score "@eq 0" \
"id:901142,\
phase:1,\
pass,\
nolog,\
ver:'OWASP_CRS/3.3.0',\
ver:'OWASP_CRS/3.4.0-dev',\
setvar:'tx.warning_anomaly_score=3'"

SecRule &TX:notice_anomaly_score "@eq 0" \
"id:901143,\
phase:1,\
pass,\
nolog,\
ver:'OWASP_CRS/3.3.0',\
ver:'OWASP_CRS/3.4.0-dev',\
setvar:'tx.notice_anomaly_score=2'"

# Default do_reput_block
Expand All @@ -163,7 +163,7 @@ SecRule &TX:do_reput_block "@eq 0" \
phase:1,\
pass,\
nolog,\
ver:'OWASP_CRS/3.3.0',\
ver:'OWASP_CRS/3.4.0-dev',\
setvar:'tx.do_reput_block=0'"

# Default block duration
Expand All @@ -172,7 +172,7 @@ SecRule &TX:reput_block_duration "@eq 0" \
phase:1,\
pass,\
nolog,\
ver:'OWASP_CRS/3.3.0',\
ver:'OWASP_CRS/3.4.0-dev',\
setvar:'tx.reput_block_duration=300'"

# Default HTTP policy: allowed_methods (rule 900200)
Expand All @@ -181,7 +181,7 @@ SecRule &TX:allowed_methods "@eq 0" \
phase:1,\
pass,\
nolog,\
ver:'OWASP_CRS/3.3.0',\
ver:'OWASP_CRS/3.4.0-dev',\
setvar:'tx.allowed_methods=GET HEAD POST OPTIONS'"

# Default HTTP policy: allowed_request_content_type (rule 900220)
Expand All @@ -190,7 +190,7 @@ SecRule &TX:allowed_request_content_type "@eq 0" \
phase:1,\
pass,\
nolog,\
ver:'OWASP_CRS/3.3.0',\
ver:'OWASP_CRS/3.4.0-dev',\
setvar:'tx.allowed_request_content_type=|application/x-www-form-urlencoded| |multipart/form-data| |multipart/related| |text/xml| |application/xml| |application/soap+xml| |application/x-amf| |application/json| |application/cloudevents+json| |application/cloudevents-batch+json| |application/octet-stream| |application/csp-report| |application/xss-auditor-report| |text/plain|'"

# Default HTTP policy: allowed_request_content_type_charset (rule 900270)
Expand All @@ -199,7 +199,7 @@ SecRule &TX:allowed_request_content_type_charset "@eq 0" \
phase:1,\
pass,\
nolog,\
ver:'OWASP_CRS/3.3.0',\
ver:'OWASP_CRS/3.4.0-dev',\
setvar:'tx.allowed_request_content_type_charset=|utf-8| |iso-8859-1| |iso-8859-15| |windows-1252|'"

# Default HTTP policy: allowed_http_versions (rule 900230)
Expand All @@ -208,7 +208,7 @@ SecRule &TX:allowed_http_versions "@eq 0" \
phase:1,\
pass,\
nolog,\
ver:'OWASP_CRS/3.3.0',\
ver:'OWASP_CRS/3.4.0-dev',\
setvar:'tx.allowed_http_versions=HTTP/1.0 HTTP/1.1 HTTP/2 HTTP/2.0'"

# Default HTTP policy: restricted_extensions (rule 900240)
Expand All @@ -217,7 +217,7 @@ SecRule &TX:restricted_extensions "@eq 0" \
phase:1,\
pass,\
nolog,\
ver:'OWASP_CRS/3.3.0',\
ver:'OWASP_CRS/3.4.0-dev',\
setvar:'tx.restricted_extensions=.asa/ .asax/ .ascx/ .backup/ .bak/ .bat/ .cdx/ .cer/ .cfg/ .cmd/ .com/ .config/ .conf/ .cs/ .csproj/ .csr/ .dat/ .db/ .dbf/ .dll/ .dos/ .htr/ .htw/ .ida/ .idc/ .idq/ .inc/ .ini/ .key/ .licx/ .lnk/ .log/ .mdb/ .old/ .pass/ .pdb/ .pol/ .printer/ .pwd/ .rdb/ .resources/ .resx/ .sql/ .swp/ .sys/ .vb/ .vbs/ .vbproj/ .vsdisco/ .webinfo/ .xsd/ .xsx/'"

# Default HTTP policy: restricted_headers (rule 900250)
Expand All @@ -226,7 +226,7 @@ SecRule &TX:restricted_headers "@eq 0" \
phase:1,\
pass,\
nolog,\
ver:'OWASP_CRS/3.3.0',\
ver:'OWASP_CRS/3.4.0-dev',\
setvar:'tx.restricted_headers=/proxy/ /lock-token/ /content-range/ /if/ /user-agentt/'"

# Default HTTP policy: static_extensions (rule 900260)
Expand All @@ -235,7 +235,7 @@ SecRule &TX:static_extensions "@eq 0" \
phase:1,\
pass,\
nolog,\
ver:'OWASP_CRS/3.3.0',\
ver:'OWASP_CRS/3.4.0-dev',\
setvar:'tx.static_extensions=/.jpg/ /.jpeg/ /.png/ /.gif/ /.js/ /.css/ /.ico/ /.svg/ /.webp/'"

# Default enforcing of body processor URLENCODED
Expand All @@ -244,7 +244,7 @@ SecRule &TX:enforce_bodyproc_urlencoded "@eq 0" \
phase:1,\
pass,\
nolog,\
ver:'OWASP_CRS/3.3.0',\
ver:'OWASP_CRS/3.4.0-dev',\
setvar:'tx.enforce_bodyproc_urlencoded=0'"

#
Expand All @@ -262,7 +262,7 @@ SecAction \
pass,\
t:none,\
nolog,\
ver:'OWASP_CRS/3.3.0',\
ver:'OWASP_CRS/3.4.0-dev',\
setvar:'tx.anomaly_score=0',\
setvar:'tx.anomaly_score_pl1=0',\
setvar:'tx.anomaly_score_pl2=0',\
Expand Down Expand Up @@ -299,7 +299,7 @@ SecRule REQUEST_HEADERS:User-Agent "@rx ^.*$" \
pass,\
t:none,t:sha1,t:hexEncode,\
nolog,\
ver:'OWASP_CRS/3.3.0',\
ver:'OWASP_CRS/3.4.0-dev',\
setvar:'tx.ua_hash=%{MATCHED_VAR}'"

SecAction \
Expand All @@ -308,7 +308,7 @@ SecAction \
pass,\
t:none,\
nolog,\
ver:'OWASP_CRS/3.3.0',\
ver:'OWASP_CRS/3.4.0-dev',\
initcol:global=global,\
initcol:ip=%{remote_addr}_%{tx.ua_hash},\
setvar:'tx.real_ip=%{remote_addr}'"
Expand All @@ -329,7 +329,7 @@ SecRule REQBODY_PROCESSOR "!@rx (?:URLENCODED|MULTIPART|XML|JSON)" \
msg:'Enabling body inspection',\
tag:'paranoia-level/1',\
ctl:forceRequestBodyVariable=On,\
ver:'OWASP_CRS/3.3.0'"
ver:'OWASP_CRS/3.4.0-dev'"

# Force body processor URLENCODED
SecRule TX:enforce_bodyproc_urlencoded "@eq 1" \
Expand All @@ -340,7 +340,7 @@ SecRule TX:enforce_bodyproc_urlencoded "@eq 1" \
nolog,\
noauditlog,\
msg:'Enabling forced body inspection for ASCII content',\
ver:'OWASP_CRS/3.3.0',\
ver:'OWASP_CRS/3.4.0-dev',\
chain"
SecRule REQBODY_PROCESSOR "!@rx (?:URLENCODED|MULTIPART|XML|JSON)" \
"ctl:requestBodyProcessor=URLENCODED"
Expand Down Expand Up @@ -379,7 +379,7 @@ SecRule TX:sampling_percentage "@eq 100" \
phase:1,\
pass,\
nolog,\
ver:'OWASP_CRS/3.3.0',\
ver:'OWASP_CRS/3.4.0-dev',\
skipAfter:END-SAMPLING"

SecRule UNIQUE_ID "@rx ^." \
Expand All @@ -388,7 +388,7 @@ SecRule UNIQUE_ID "@rx ^." \
pass,\
t:sha1,t:hexEncode,\
nolog,\
ver:'OWASP_CRS/3.3.0',\
ver:'OWASP_CRS/3.4.0-dev',\
setvar:'TX.sampling_rnd100=%{MATCHED_VAR}'"

SecRule DURATION "@rx (..)$" \
Expand All @@ -397,7 +397,7 @@ SecRule DURATION "@rx (..)$" \
pass,\
capture,\
nolog,\
ver:'OWASP_CRS/3.3.0',\
ver:'OWASP_CRS/3.4.0-dev',\
setvar:'TX.sampling_rnd100=%{TX.sampling_rnd100}%{TX.1}'"

SecRule TX:sampling_rnd100 "@rx ^[a-f]*([0-9])[a-f]*([0-9])" \
Expand All @@ -406,7 +406,7 @@ SecRule TX:sampling_rnd100 "@rx ^[a-f]*([0-9])[a-f]*([0-9])" \
pass,\
capture,\
nolog,\
ver:'OWASP_CRS/3.3.0',\
ver:'OWASP_CRS/3.4.0-dev',\
setvar:'TX.sampling_rnd100=%{TX.1}%{TX.2}'"

SecRule TX:sampling_rnd100 "@rx ^0([0-9])" \
Expand All @@ -415,7 +415,7 @@ SecRule TX:sampling_rnd100 "@rx ^0([0-9])" \
pass,\
capture,\
nolog,\
ver:'OWASP_CRS/3.3.0',\
ver:'OWASP_CRS/3.4.0-dev',\
setvar:'TX.sampling_rnd100=%{TX.1}'"


Expand All @@ -440,7 +440,7 @@ SecRule TX:sampling_rnd100 "!@lt %{tx.sampling_percentage}" \
noauditlog,\
msg:'Sampling: Disable the rule engine based on sampling_percentage %{TX.sampling_percentage} and random number %{TX.sampling_rnd100}',\
ctl:ruleEngine=Off,\
ver:'OWASP_CRS/3.3.0'"
ver:'OWASP_CRS/3.4.0-dev'"

SecMarker "END-SAMPLING"

Expand All @@ -458,4 +458,4 @@ SecRule TX:executing_paranoia_level "@lt %{tx.paranoia_level}" \
t:none,\
log,\
msg:'Executing paranoia level configured is lower than the paranoia level itself. This is illegal. Blocking request. Aborting',\
ver:'OWASP_CRS/3.3.0'"
ver:'OWASP_CRS/3.4.0-dev'"
Loading
0