apache2/t/regression/rule/00-basics.t

   1 ### Tests for basic rule components
   2
   3 # SecAction
   4 {
   5         type => "rule",
   6         comment => "SecAction (override default)",
   7         conf => qq(
   8                 SecRuleEngine On
   9                 SecDebugLog $ENV{DEBUG_LOG}
  10                 SecDebugLogLevel 4
  11                 SecAction "nolog"
  12         ),
  13         match_log => {
  14                 -error => [ qr/ModSecurity: /, 1 ],
  15                 -audit => [ qr/./, 1 ],
  16                 debug => [ qr/Warning\. Unconditional match in SecAction\./, 1 ],
  17         },
  18         match_response => {
  19                 status => qr/^200$/,
  20         },
  21         request => new HTTP::Request(
  22                 GET => "http://$ENV{SERVER_NAME}:$ENV{SERVER_PORT}/test.txt",
  23         ),
  24 },
  25
  26 # SecRule
  27 {
  28         type => "rule",
  29         comment => "SecRule (no action)",
  30         conf => qq(
  31                 SecRuleEngine On
  32                 SecDebugLog $ENV{DEBUG_LOG}
  33                 SecDebugLogLevel 5
  34         SecDefaultAction "phase:2,deny,status:403"
  35         SecRule ARGS:test "value"
  36         ),
  37         match_log => {
  38                 error => [ qr/ModSecurity: /, 1 ],
  39                 debug => [ qr/Rule [0-9a-f]+: SecRule "ARGS:test" "\@rx value" "phase:2,deny,status:403"$/m, 1 ],
  40         },
  41         match_response => {
  42                 status => qr/^403$/,
  43         },
  44         request => new HTTP::Request(
  45                 GET => "http://$ENV{SERVER_NAME}:$ENV{SERVER_PORT}/test.txt?test=value",
  46         ),
  47 },
  48 {
  49         type => "rule",
  50         comment => "SecRule (action)",
  51         conf => qq(
  52                 SecRuleEngine On
  53                 SecDebugLog $ENV{DEBUG_LOG}
  54                 SecDebugLogLevel 5
  55         SecDefaultAction "phase:2,pass"
  56         SecRule ARGS:test "value" "deny,status:403"
  57         ),
  58         match_log => {
  59                 error => [ qr/ModSecurity: /, 1 ],
  60                 debug => [ qr/Rule [0-9a-f]+: SecRule "ARGS:test" "\@rx value" "phase:2,deny,status:403"$/m, 1 ],
  61         },
  62         match_response => {
  63                 status => qr/^403$/,
  64         },
  65         request => new HTTP::Request(
  66                 GET => "http://$ENV{SERVER_NAME}:$ENV{SERVER_PORT}/test.txt?test=value",
  67         ),
  68 },
  69 {
  70         type => "rule",
  71         comment => "SecRule (chain)",
  72         conf => qq(
  73                 SecRuleEngine On
  74                 SecDebugLog $ENV{DEBUG_LOG}
  75                 SecDebugLogLevel 5
  76         SecDefaultAction "phase:2,log,noauditlog,pass,tag:foo"
  77         SecRule ARGS:test "value" "chain,phase:2,deny,status:403"
  78         SecRule &ARGS "\@eq 1" "chain,setenv:tx.foo=bar"
  79         SecRule REQUEST_METHOD "\@streq GET"
  80         ),
  81         match_log => {
  82                 error => [ qr/ModSecurity: /, 1 ],
  83                 debug => [ qr/Rule [0-9a-f]+: SecRule "ARGS:test" "\@rx value" "phase:2,log,noauditlog,tag:foo,chain,deny,status:403"\r?\n.*Rule [0-9a-f]+: SecRule "&ARGS" "\@eq 1" "chain,setenv:tx.foo=bar"\r?\n.*Rule [0-9a-f]+: SecRule "REQUEST_METHOD" "\@streq GET"\r?\n/s, 1 ],
  84         },
  85         match_response => {
  86                 status => qr/^403$/,
  87         },
  88         request => new HTTP::Request(
  89                 GET => "http://$ENV{SERVER_NAME}:$ENV{SERVER_PORT}/test.txt?test=value",
  90         ),
  91 },