Skip to content
This repository was archived by the owner on May 14, 2020. It is now read-only.

Commit 30bc65e

Browse files
dune73dune73
authored
Merge pull request #887 from fzipi/v3.1/dev-issue882
V3.1/dev issue882
2 parents 4304b9e + 2e114fc commit 30bc65e

File tree

1 file changed

+2
-1
lines changed

1 file changed

+2
-1
lines changed

rules/REQUEST-931-APPLICATION-ATTACK-RFI.conf

Lines changed: 2 additions & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -125,8 +125,9 @@ SecRule ARGS "@rx ^(?i)(?:file|ftps?|https?)://(.*)$" \
125125
rev:'3',\
126126
ver:'OWASP_CRS/3.0.0',\
127127
severity:'CRITICAL',\
128+
setvar:tx.rfi_parameter_%{matched_var_name}=%{tx.1},\
128129
chain"
129-
SecRule TX:1 "!@beginsWith %{request_headers.host}" \
130+
SecRule TX:/rfi_parameter_.*/ "!@beginsWith %{request_headers.host}" \
130131
"setvar:'tx.msg=%{rule.msg}',\
131132
setvar:tx.rfi_score=+%{tx.critical_anomaly_score},\
132133
setvar:tx.anomaly_score=+%{tx.critical_anomaly_score},\

0 commit comments

Comments
 (0)