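We get a lot of false positives from third-party software that we use on our server. They don't seem to be able to fix it themselves, and I am trying to work out how to let cookies that contain "CERTAINSTRING_" through.
Here is an example of one of the blocks. They all have the same rule ID.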
www.mysite.com 27.33.154.111 981231 [15/Dec/2013:12:14:36 +1100] Pattern match: \ "(/\\*!?|\\*/|[';]--|--[\\s\\r\\n\\v\\f]|(?:--[^-]*?-)|([^\\-&])#.*?[\\s\\r\\n\\v\\f]|;?\\x00)" \ at REQUEST_COOKIES: _CERTAINSTRING. \ [file "/usr/local/apache/conf/modsecurity_crs_41_sql_injection_attacks.conf"] \ [line "49"] \ [id "981231"] \ [rev "2"] \ [msg "sql Comment Sequence Detected."] \ [data "Matched Data: 1#" "description::325,1091,/file-path/file-name/999/1,http://www.mysite.com/file-path/file-name/999/1#" "rev found within REQUEST_COOKIES:_CERTAINSTRING: 240,http://www.mysite.com/file-path/file-name/999/1#" "description::325,http://www.mysite…”] \ [severity "CRITICAL"] \ [ver "OWASP_CRS/2.2.8"] \ [maturity "8"] \ [accuracy "8"] \ [tag "OWASP_CRS/WEB_ATTACK/sql_INJECTION"] \ [tag "WASCTC/WASC-19"] \ [tag "OWASP_TOP_10/A1"]
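One way to scope out a false positive like the one logged above, as an added example that is not part of the original post: exclude only the affected cookie from rule 981231 instead of disabling the rule. The cookie name is taken from the log entry; the file placement and the regex variant are assumptions to check against your own setup.

```apache
# Added example, not from the original post or from the CRS project.
# Put this in a local file that is loaded AFTER the Include that pulls in
# modsecurity_crs_41_sql_injection_attacks.conf: SecRuleUpdateTargetById
# can only change a rule that has already been defined.

# Weak fix, shown for contrast only: this switches the SQL comment check
# off for every parameter and cookie on the site.
# SecRuleRemoveById 981231

# Scoped fix: stop rule 981231 from inspecting the one cookie named in the
# log entry ("at REQUEST_COOKIES: _CERTAINSTRING"). The rule keeps checking
# all other cookies, arguments and targets.
SecRuleUpdateTargetById 981231 "!REQUEST_COOKIES:_CERTAINSTRING"

# Variant (assumption: the real cookie names differ per page or user but all
# contain the marker string, and your ModSecurity 2.x build accepts a regex
# key in a target exclusion; verify on a test host before relying on it).
# SecRuleUpdateTargetById 981231 "!REQUEST_COOKIES:/CERTAINSTRING_/"
```

After reloading Apache, replay a request that carries the cookie and confirm that id 981231 no longer appears in the audit log for it, while a test request with a comment sequence in another parameter is still flagged.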