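We are getting a lot of false positives from a piece of third-party software we use on our servers. They don't seem to be able to fix it themselves, and I'm trying to figure out how to allow cookies containing "CERTAINSTRING_" to pass.
Below is an example of one of the bans. They all have the same rule ID.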
- www.mysite.com 27.33.154.111 981231 [15/Dec/2013:12:14:36 +1100]
- Pattern match: \
- "(/\\*!?|\\*/|[';]--|--[\\s\\r\\n\\v\\f]|(?:--[^-]*?-)|([^\\-&])#.*?[\\s\\r\\n\\v\\f]|;?\\x00)" \
- at REQUEST_COOKIES: _CERTAINSTRING. \
- [file "/usr/local/apache/conf/modsecurity_crs_41_sql_injection_attacks.conf"] \
- [line "49"] \
- [id "981231"] \
- [rev "2"] \
- [msg "sql Comment Sequence Detected."] \
- [data "Matched Data: 1#"
- "description::325,1091,/file-path/file-name/999/1,http://www.mysite.com/file-path/file-name/999/1#"
- "rev found within REQUEST_COOKIES:_CERTAINSTRING: 240,http://www.mysite.com/file-path/file-name/999/1#"
- "description::325,http://www.mysite…"] \
- [severity "CRITICAL"] \
- [ver "OWASP_CRS/2.2.8"] \
- [maturity "8"] \
- [accuracy "8"] \
- [tag "OWASP_CRS/WEB_ATTACK/sql_INJECTION"] \
- [tag "WASCTC/WASC-19"] \
- [tag "OWASP_TOP_10/A1"]
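
An added example, not part of the original post: it pulls the rule ID and target out of a condensed copy of the log entry above and replays the logged pattern to show which alternative fires. The names `parse_entry` and `explain_match` are hypothetical, and the cookie value is constructed on the assumption that each URL's trailing `#` is followed by a newline, as the `Matched Data: 1#` field suggests.

```python
import re

# Rule 981231's pattern, copied from the log entry with the log's doubled
# backslashes collapsed to single ones.
RULE_981231 = re.compile(
    r"(/\*!?|\*/|[';]--|--[\s\r\n\v\f]|(?:--[^-]*?-)"
    r"|([^\-&])#.*?[\s\r\n\v\f]|;?\x00)"
)

# Condensed from the log entry in the post (one line, data field omitted).
LOG_ENTRY = (
    'Pattern match: "..." at REQUEST_COOKIES:_CERTAINSTRING. '
    '[line "49"] [id "981231"] [rev "2"] '
    '[msg "sql Comment Sequence Detected."] [severity "CRITICAL"]'
)

# Constructed cookie value (assumption): a URL ending in a "#" fragment
# marker, followed by a newline and the next record of the cookie.
SAMPLE_COOKIE = (
    "240,http://www.mysite.com/file-path/file-name/999/1#\n"
    "description::325,http://www.mysite.com/file-path/file-name/999/1"
)


def parse_entry(entry):
    """Return the bracketed fields of a ModSecurity message plus its target."""
    fields = dict(re.findall(r'\[(\w+) "([^"]*)"\]', entry))
    target = re.search(r"\bat ([A-Z_]+):(\S+?)\. ", entry)
    if target:
        fields["collection"], fields["name"] = target.groups()
    return fields


def explain_match(value):
    """Report what the rule matched and whether the '#' alternative fired."""
    m = RULE_981231.search(value)
    if m is None:
        return None
    # Group 2 only participates in the "<char>#...<whitespace>" alternative.
    return {"matched": m.group(1), "hash_branch": m.group(2) is not None}


if __name__ == "__main__":
    print(parse_entry(LOG_ENTRY))
    print(explain_match(SAMPLE_COOKIE))
```

On the constructed value the match comes from the `#`-followed-by-whitespace alternative, and the same URL without a trailing `#` does not match at all.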