Editing: 31_shellshock.conf
# both.conf # Rules intended to potentially mitigate the BASH "shellshock" bug # T3 Trac #8148 (https://trac.imhtech.net/T3/ticket/8148) SecRule REQUEST_HEADERS "^\(\) {" \ "phase:1,deny,id:13100,t:urlDecode,status:403,log,\ msg:'CVE-2014-6271 - Bash Attack'" SecRule REQUEST_LINE "\(\) {" \ "phase:1,deny,id:13101,status:403,log,\ msg:'CVE-2014-6271 - Bash Attack'" SecRule ARGS_NAMES "^\(\) {" \ "phase:2,deny,id:13102,t:urlDecode,t:urlDecodeUni,status:403,log,\ msg:'CVE-2014-6271 - Bash Attack'" SecRule ARGS "^\(\) {" \ "phase:2,deny,id:13103,t:urlDecode,t:urlDecodeUni,status:403,log,\ msg:'CVE-2014-6271 - Bash Attack'" SecRule FILES_NAMES "^\(\) {" \ "phase:2,deny,id:13104,t:urlDecode,t:urlDecodeUni,status:403,log,\ msg:'CVE-2014-6271 - Bash Attack'"
Save
Back