Skip to content
This repository was archived by the owner on May 14, 2020. It is now read-only.

Commit 2644149

Browse files
lifeformslifeforms
committed
PHP: improve message for script upload with superfluous extension
1 parent 496d313 commit 2644149

File tree

1 file changed

+1
-1
lines changed

1 file changed

+1
-1
lines changed

rules/REQUEST-933-APPLICATION-ATTACK-PHP.conf

Lines changed: 1 addition & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -608,7 +608,7 @@ SecRule REQUEST_COOKIES|!REQUEST_COOKIES:/__utm/|REQUEST_COOKIES_NAMES|REQUEST_F
608608
# This rule is a stricter sibling of rule 933110.
609609
#
610610
SecRule FILES|REQUEST_HEADERS:X-Filename|REQUEST_HEADERS:X_Filename|REQUEST_HEADERS:X-File-Name "@rx .*\.(?:php\d*|phps|phtml)\..*$" \
611-
"msg:'PHP Injection Attack: PHP Script File Upload Found',\
611+
"msg:'PHP Injection Attack: PHP Script File With Superfluous Extension Found',\
612612
phase:2,\
613613
ver:'OWASP_CRS/3.0.0',\
614614
t:none,t:lowercase,\

0 commit comments

Comments
 (0)