Merge pull request #915 from gpasztor87/v3.1/dev

Fix broken links in references

Author: dune73

rules/REQUEST-920-PROTOCOL-ENFORCEMENT.conf

@@ -13,7 +13,7 @@
 #
 # The purpose of this rules file is to enforce HTTP RFC requirements that state how
 # the client is supposed to interact with the server.
-# http://www.w3.org/Protocols/rfc2616/rfc2616-sec3.html
+# https://www.w3.org/Protocols/rfc2616/rfc2616-sec3.html
 
 
 
@@ -41,7 +41,7 @@ SecRule TX:PARANOIA_LEVEL "@lt 1" "phase:2,id:920012,nolog,pass,skipAfter:END-RE
 # It also outlines proper construction for CONNECT, OPTIONS and GET requests.
 #
 # -=[ References ]=-
-# http://www.w3.org/Protocols/rfc2616/rfc2616-sec3.html#sec3.2.1
+# https://www.w3.org/Protocols/rfc2616/rfc2616-sec3.html#sec3.2.1
 # http://capec.mitre.org/data/definitions/272.html
 #
 SecRule REQUEST_LINE "!@rx ^(?i:(?:[a-z]{3,10}\s+(?:\w{3,7}?://[\w\-\./]*(?::\d+)?)?/[^?#]*(?:\?[^#\s]*)?(?:#[\S]*)?|connect (?:\d{1,3}\.){3}\d{1,3}\.?(?::\d+)?|options \*)\s+[\w\./]+|get /[^?#]*(?:\?[^#\s]*)?(?:#[\S]*)?)$" \
@@ -128,7 +128,7 @@ SecRule FILES_NAMES|FILES "@rx (?<!&(?:[aAoOuUyY]uml)|&(?:[aAeEiIoOuU]circ)|&(?:
 # by the request body processor if it encounters errors.
 #
 # -=[ References ]=-
-# https://sourceforge.net/apps/mediawiki/mod-security/index.php?title=Reference_Manual#REQBODY_ERROR
+# https://github.com/SpiderLabs/ModSecurity/wiki/Reference-Manual#REQBODY_ERROR
 #
 SecRule REQBODY_ERROR "!@eq 0" \
     "id:920130,\
@@ -161,7 +161,7 @@ SecRule REQBODY_ERROR "!@eq 0" \
 # _not_ to remove it altogether.
 #
 # -=[ References ]=-
-# https://sourceforge.net/apps/mediawiki/mod-security/index.php?title=Reference_Manual#MULTIPART_STRICT_ERROR
+# https://github.com/SpiderLabs/ModSecurity/wiki/Reference-Manual#MULTIPART_STRICT_ERROR
 #
 SecRule MULTIPART_STRICT_ERROR "!@eq 0" \
     "id:920140,\
@@ -202,7 +202,7 @@ SecRule MULTIPART_STRICT_ERROR "!@eq 0" \
 # is NOT all digits, then it will match.
 #
 # -=[ References ]=-
-# http://www.w3.org/Protocols/rfc2616/rfc2616-sec14.html#sec14.13
+# https://www.w3.org/Protocols/rfc2616/rfc2616-sec14.html#sec14.13
 #
 SecRule REQUEST_HEADERS:Content-Length "!@rx ^\d+$" \
     "id:920160,\
@@ -238,7 +238,7 @@ SecRule REQUEST_HEADERS:Content-Length "!@rx ^\d+$" \
 # empty, then it will match.
 #
 # -=[ References ]=-
-# http://www.w3.org/Protocols/rfc2616/rfc2616-sec4.html#sec4.3
+# https://www.w3.org/Protocols/rfc2616/rfc2616-sec4.html#sec4.3
 #
 SecRule REQUEST_METHOD "@rx ^(?:GET|HEAD)$" \
     "id:920170,\
@@ -272,7 +272,7 @@ SecRule REQUEST_METHOD "@rx ^(?:GET|HEAD)$" \
 # header is also present.
 #
 # -=[ References ]=-
-# http://www.w3.org/Protocols/rfc2616/rfc2616-sec9.html#sec9.5
+# https://www.w3.org/Protocols/rfc2616/rfc2616-sec9.html#sec9.5
 #
 SecRule REQUEST_METHOD "@rx ^POST$" \
     "id:920180,\
@@ -308,7 +308,8 @@ SecRule REQUEST_METHOD "@rx ^POST$" \
 # This rule inspects the Range request header to see if it starts with 0.
 #
 # -=[ References ]=-
-# http://www.bad-behavior.ioerror.us/documentation/how-it-works/
+# http://www.bad-behavior.ioerror.us/about/
+# https://tools.ietf.org/html/rfc7233
 #
 # 2. Per RFC 2616 -
 #       "If the last-byte-pos value is present, it MUST be greater than or equal to the first-byte-pos in that byte-range-spec,
@@ -317,7 +318,7 @@ SecRule REQUEST_METHOD "@rx ^POST$" \
 # This rule compares the first and second byte ranges and flags when the first value is greater than the second.
 #
 # -=[ References ]=-
-# http://www.w3.org/Protocols/rfc2616/rfc2616-sec14.html
+# https://www.w3.org/Protocols/rfc2616/rfc2616-sec14.html
 # http://seclists.org/fulldisclosure/2011/Aug/175
 #
 SecRule REQUEST_HEADERS:Range|REQUEST_HEADERS:Request-Range "@rx (\d+)\-(\d+)\," \
@@ -352,7 +353,8 @@ SecRule REQUEST_HEADERS:Range|REQUEST_HEADERS:Request-Range "@rx (\d+)\-(\d+)\,"
 # keep-alive and close options.
 #
 # -=[ References ]=-
-# http://www.bad-behavior.ioerror.us/documentation/how-it-works/
+# http://www.bad-behavior.ioerror.us/about/
+# https://tools.ietf.org/html/rfc7233
 #
 SecRule REQUEST_HEADERS:Connection "@rx \b(?:keep-alive|close),\s?(?:keep-alive|close)\b" \
     "id:920210,\
@@ -743,7 +745,7 @@ SecRule REQUEST_HEADERS:Content-Length "!@rx ^0$" \
 # This rule triggers if the Host header contains all digits (and possible port)
 #
 # -=[ References ]=-
-# http://technet.microsoft.com/en-us/magazine/2005.01.hackerbasher.aspx
+# https://technet.microsoft.com/en-us/magazine/2005.01.hackerbasher.aspx
 #
 
 SecRule REQUEST_HEADERS:Host "@rx ^[\d.:]+$" \

rules/REQUEST-941-APPLICATION-ATTACK-XSS.conf

@@ -23,7 +23,7 @@ SecRule TX:PARANOIA_LEVEL "@lt 1" "phase:2,id:941012,nolog,pass,skipAfter:END-RE
 #
 # -=[ Libinjection - XSS Detection ]=-
 #
-# Ref: https://libinjection.client9.com/
+# Ref: https://github.com/client9/libinjection
 # Ref: https://speakerdeck.com/ngalbreath/libinjection-from-sqli-to-xss
 #
 # -=[ Targets ]=-
@@ -660,7 +660,6 @@ SecRule REQUEST_COOKIES|!REQUEST_COOKIES:/__utm/|REQUEST_COOKIES_NAMES|ARGS_NAME
     setvar:tx.%{rule.id}-OWASP_CRS/WEB_ATTACK/XSS-%{matched_var_name}=%{tx.0}"
 
 #
-# http://openmya.hacker.jp/hasegawa/security/utf7cs.html
 # UTF-7 encoding XSS filter evasion for IE.
 # Reported by Vladimir Ivanov
 #

rules/RESPONSE-951-DATA-LEAKAGES-SQL.conf

@@ -23,7 +23,7 @@ SecRule TX:PARANOIA_LEVEL "@lt 1" "phase:4,id:951012,nolog,pass,skipAfter:END-RE
 # -=[ SQL Error Leakages ]=-
 #
 # Ref: https://raw.github.com/sqlmapproject/sqlmap/master/xml/errors.xml
-# Ref: https://github.com/Arachni/arachni/tree/master/modules/audit/sqli/patterns
+# Ref: https://github.com/Arachni/arachni/tree/master/components/checks/active/sql_injection/regexps
 #
 SecRule RESPONSE_BODY "@pmFromFile sql-errors.data" \
     "id:951100,\

rules/RESPONSE-952-DATA-LEAKAGES-JAVA.conf

@@ -50,7 +50,7 @@ SecRule RESPONSE_BODY "@pmFromFile java-code-leakages.data" \
 #
 # -=[ Java Errors ]=-
 #
-# Ref: https://github.com/andresriancho/w3af/blob/master/plugins/grep/error_pages.py
+# Ref: https://github.com/andresriancho/w3af/blob/master/w3af/plugins/grep/error_pages.py
 #
 SecRule RESPONSE_BODY "@pmFromFile java-errors.data" \
     "id:952110,\