1 ### Tests all of the actions in each phase
6 comment => "pass in phase:1",
9 SecRequestBodyAccess On
10 SecResponseBodyAccess On
11 SecResponseBodyMimeType null
12 SecAction "phase:1,pass"
13 SecAction "phase:1,deny"
16 error => [ qr/ModSecurity: Warning. Unconditional match in SecAction/, 1 ],
21 request => new HTTP::Request(
22 GET => "http://$ENV{SERVER_NAME}:$ENV{SERVER_PORT}/test.txt",
27 comment => "pass in phase:2",
30 SecRequestBodyAccess On
31 SecResponseBodyAccess On
32 SecResponseBodyMimeType null
33 SecAction "phase:2,pass"
34 SecAction "phase:2,deny"
37 error => [ qr/ModSecurity: Warning. Unconditional match in SecAction/, 1 ],
42 request => new HTTP::Request(
43 GET => "http://$ENV{SERVER_NAME}:$ENV{SERVER_PORT}/test.txt",
48 comment => "pass in phase:3",
51 SecRequestBodyAccess On
52 SecResponseBodyAccess On
53 SecResponseBodyMimeType null
54 SecDebugLog "$ENV{DEBUG_LOG}"
56 SecAction "phase:3,pass"
57 SecAction "phase:3,deny"
60 error => [ qr/ModSecurity: Warning. Unconditional match in SecAction/, 1 ],
65 request => new HTTP::Request(
66 GET => "http://$ENV{SERVER_NAME}:$ENV{SERVER_PORT}/test.txt",
71 comment => "pass in phase:4",
74 SecRequestBodyAccess On
75 SecResponseBodyAccess On
76 SecResponseBodyMimeType null
77 SecDebugLog "$ENV{DEBUG_LOG}"
79 SecAction "phase:4,pass"
80 SecAction "phase:4,deny"
83 error => [ qr/ModSecurity: Warning. Unconditional match in SecAction/, 1 ],
88 request => new HTTP::Request(
89 GET => "http://$ENV{SERVER_NAME}:$ENV{SERVER_PORT}/test.txt",
96 comment => "allow in phase:1",
99 SecRequestBodyAccess On
100 SecResponseBodyAccess On
101 SecResponseBodyMimeType null
102 SecAction "phase:1,allow"
103 SecAction "phase:1,deny"
106 error => [ qr/ModSecurity: Access allowed \(phase 1\). Unconditional match in SecAction/, 1 ],
111 request => new HTTP::Request(
112 GET => "http://$ENV{SERVER_NAME}:$ENV{SERVER_PORT}/test.txt",
117 comment => "allow in phase:2",
120 SecRequestBodyAccess On
121 SecResponseBodyAccess On
122 SecResponseBodyMimeType null
123 SecAction "phase:2,allow"
124 SecAction "phase:2,deny"
127 error => [ qr/ModSecurity: Access allowed \(phase 2\). Unconditional match in SecAction/, 1 ],
132 request => new HTTP::Request(
133 GET => "http://$ENV{SERVER_NAME}:$ENV{SERVER_PORT}/test.txt",
138 comment => "allow in phase:3",
141 SecRequestBodyAccess On
142 SecResponseBodyAccess On
143 SecResponseBodyMimeType null
144 SecDebugLog "$ENV{DEBUG_LOG}"
146 SecAction "phase:3,allow"
147 SecAction "phase:3,deny"
150 error => [ qr/ModSecurity: Access allowed \(phase 3\). Unconditional match in SecAction/, 1 ],
155 request => new HTTP::Request(
156 GET => "http://$ENV{SERVER_NAME}:$ENV{SERVER_PORT}/test.txt",
161 comment => "allow in phase:4",
164 SecRequestBodyAccess On
165 SecResponseBodyAccess On
166 SecResponseBodyMimeType null
167 SecDebugLog "$ENV{DEBUG_LOG}"
169 SecAction "phase:4,allow"
170 SecAction "phase:4,deny"
173 error => [ qr/ModSecurity: Access allowed \(phase 4\). Unconditional match in SecAction/, 1 ],
178 request => new HTTP::Request(
179 GET => "http://$ENV{SERVER_NAME}:$ENV{SERVER_PORT}/test.txt",
186 comment => "deny in phase:1",
189 SecRequestBodyAccess On
190 SecResponseBodyAccess On
191 SecResponseBodyMimeType null
192 SecAction "phase:1,deny"
195 error => [ qr/Access denied with code 403 \(phase 1\). Unconditional match in SecAction./, 1 ],
200 request => new HTTP::Request(
201 GET => "http://$ENV{SERVER_NAME}:$ENV{SERVER_PORT}/test.txt",
206 comment => "deny in phase:2",
209 SecRequestBodyAccess On
210 SecResponseBodyAccess On
211 SecResponseBodyMimeType null
212 SecAction "phase:2,deny"
215 error => [ qr/Access denied with code 403 \(phase 2\). Unconditional match in SecAction./, 1 ],
220 request => new HTTP::Request(
221 GET => "http://$ENV{SERVER_NAME}:$ENV{SERVER_PORT}/test.txt",
226 comment => "deny in phase:3",
229 SecRequestBodyAccess On
230 SecResponseBodyAccess On
231 SecResponseBodyMimeType null
232 SecDebugLog "$ENV{DEBUG_LOG}"
234 SecAction "phase:3,deny"
237 error => [ qr/Access denied with code 403 \(phase 3\). Unconditional match in SecAction./, 1 ],
242 request => new HTTP::Request(
243 GET => "http://$ENV{SERVER_NAME}:$ENV{SERVER_PORT}/test.txt",
248 comment => "deny in phase:4",
251 SecRequestBodyAccess On
252 SecResponseBodyAccess On
253 SecResponseBodyMimeType null
254 SecDebugLog "$ENV{DEBUG_LOG}"
256 SecAction "phase:4,deny"
259 error => [ qr/Access denied with code 403 \(phase 4\). Unconditional match in SecAction./, 1 ],
264 request => new HTTP::Request(
265 GET => "http://$ENV{SERVER_NAME}:$ENV{SERVER_PORT}/test.txt",
272 comment => "drop in phase:1",
275 SecRequestBodyAccess On
276 SecResponseBodyAccess On
277 SecResponseBodyMimeType null
278 SecAction "phase:1,drop"
281 error => [ qr/Access denied with connection close \(phase 1\). Unconditional match in SecAction./, 1 ],
286 request => new HTTP::Request(
287 GET => "http://$ENV{SERVER_NAME}:$ENV{SERVER_PORT}/test.txt",
292 comment => "drop in phase:2",
295 SecRequestBodyAccess On
296 SecResponseBodyAccess On
297 SecResponseBodyMimeType null
298 SecAction "phase:2,drop"
301 error => [ qr/Access denied with connection close \(phase 2\). Unconditional match in SecAction./, 1 ],
306 request => new HTTP::Request(
307 GET => "http://$ENV{SERVER_NAME}:$ENV{SERVER_PORT}/test.txt",
312 comment => "drop in phase:3",
315 SecRequestBodyAccess On
316 SecResponseBodyAccess On
317 SecResponseBodyMimeType null
318 SecDebugLog "$ENV{DEBUG_LOG}"
320 SecAction "phase:3,drop"
323 error => [ qr/Access denied with connection close \(phase 3\). Unconditional match in SecAction./, 1 ],
328 request => new HTTP::Request(
329 GET => "http://$ENV{SERVER_NAME}:$ENV{SERVER_PORT}/test.txt",
334 comment => "drop in phase:4",
337 SecRequestBodyAccess On
338 SecResponseBodyAccess On
339 SecResponseBodyMimeType null
340 SecDebugLog "$ENV{DEBUG_LOG}"
342 SecAction "phase:4,drop"
345 error => [ qr/Access denied with connection close \(phase 4\). Unconditional match in SecAction./, 1 ],
350 request => new HTTP::Request(
351 GET => "http://$ENV{SERVER_NAME}:$ENV{SERVER_PORT}/test.txt",
358 comment => "redirect in phase:1 (get)",
361 SecRequestBodyAccess On
362 SecResponseBodyAccess On
363 SecResponseBodyMimeType null
364 SecRule REQUEST_URI "\@streq /test2.txt" "phase:1,redirect:'http://$ENV{SERVER_NAME}:$ENV{SERVER_PORT}/test.txt'"
367 error => [ qr/ModSecurity: Access denied with redirection to .* using status 302 \(phase 1\)/, 1 ],
371 content => qr/^TEST$/,
373 request => new HTTP::Request(
374 GET => "http://$ENV{SERVER_NAME}:$ENV{SERVER_PORT}/test2.txt",
379 comment => "redirect in phase:2 (get)",
382 SecRequestBodyAccess On
383 SecResponseBodyAccess On
384 SecResponseBodyMimeType null
385 SecRule REQUEST_URI "\@streq /test2.txt" "phase:2,redirect:'http://$ENV{SERVER_NAME}:$ENV{SERVER_PORT}/test.txt'"
388 error => [ qr/ModSecurity: Access denied with redirection to .* using status 302 \(phase 2\)/, 1 ],
392 content => qr/^TEST$/,
394 request => new HTTP::Request(
395 GET => "http://$ENV{SERVER_NAME}:$ENV{SERVER_PORT}/test2.txt",
400 comment => "redirect in phase:3 (get)",
403 SecRequestBodyAccess On
404 SecResponseBodyAccess On
405 SecResponseBodyMimeType null
406 SecDebugLog "$ENV{DEBUG_LOG}"
408 SecRule REQUEST_URI "\@streq /test2.txt" "phase:3,redirect:'http://$ENV{SERVER_NAME}:$ENV{SERVER_PORT}/test.txt'"
411 error => [ qr/ModSecurity: Access denied with redirection to .* using status 302 \(phase 3\)/, 1 ],
415 content => qr/^TEST$/,
417 request => new HTTP::Request(
418 GET => "http://$ENV{SERVER_NAME}:$ENV{SERVER_PORT}/test2.txt",
423 comment => "redirect in phase:4 (get)",
426 SecRequestBodyAccess On
427 SecResponseBodyAccess On
428 SecResponseBodyMimeType null
429 SecDebugLog "$ENV{DEBUG_LOG}"
431 SecRule REQUEST_URI "\@streq /test2.txt" "phase:4,redirect:'http://$ENV{SERVER_NAME}:$ENV{SERVER_PORT}/test.txt'"
434 error => [ qr/ModSecurity: Access denied with redirection to .* using status 302 \(phase 4\)/, 1 ],
438 content => qr/^TEST$/,
440 request => new HTTP::Request(
441 GET => "http://$ENV{SERVER_NAME}:$ENV{SERVER_PORT}/test2.txt",
448 comment => "proxy in phase:1 (get)",
451 SecRequestBodyAccess On
452 SecResponseBodyAccess On
453 SecResponseBodyMimeType null
454 SecRule REQUEST_URI "\@streq /test2.txt" "phase:1,proxy:'http://$ENV{SERVER_NAME}:$ENV{SERVER_PORT}/test.txt'"
457 error => [ qr/ModSecurity: Access denied using proxy to \(phase 1\)/, 1 ],
461 content => qr/^TEST$/,
463 request => new HTTP::Request(
464 GET => "http://$ENV{SERVER_NAME}:$ENV{SERVER_PORT}/test2.txt",
469 comment => "proxy in phase:2 (get)",
472 SecRequestBodyAccess On
473 SecResponseBodyAccess On
474 SecResponseBodyMimeType null
475 SecRule REQUEST_URI "\@streq /test2.txt" "phase:2,proxy:'http://$ENV{SERVER_NAME}:$ENV{SERVER_PORT}/test.txt'"
478 error => [ qr/ModSecurity: Access denied using proxy to \(phase 2\)/, 1 ],
482 content => qr/^TEST$/,
484 request => new HTTP::Request(
485 GET => "http://$ENV{SERVER_NAME}:$ENV{SERVER_PORT}/test2.txt",
490 comment => "proxy in phase:3 (get)",
493 SecRequestBodyAccess On
494 SecResponseBodyAccess On
495 SecResponseBodyMimeType null
496 SecDebugLog "$ENV{DEBUG_LOG}"
498 SecRule REQUEST_URI "\@streq /test2.txt" "phase:3,proxy:'http://$ENV{SERVER_NAME}:$ENV{SERVER_PORT}/test.txt'"
501 error => [ qr/ModSecurity: Access denied with code 500 \(phase 3\) \(Configuration Error: Proxy action requested but it does not work in output phases\)./, 1 ],
506 request => new HTTP::Request(
507 GET => "http://$ENV{SERVER_NAME}:$ENV{SERVER_PORT}/test2.txt",
512 comment => "proxy in phase:4 (get)",
515 SecRequestBodyAccess On
516 SecResponseBodyAccess On
517 SecResponseBodyMimeType null
518 SecDebugLog "$ENV{DEBUG_LOG}"
520 SecRule REQUEST_URI "\@streq /test2.txt" "phase:4,proxy:'http://$ENV{SERVER_NAME}:$ENV{SERVER_PORT}/test.txt'"
523 error => [ qr/ModSecurity: Access denied with code 500 \(phase 4\) \(Configuration Error: Proxy action requested but it does not work in output phases\)./, 1 ],
528 request => new HTTP::Request(
529 GET => "http://$ENV{SERVER_NAME}:$ENV{SERVER_PORT}/test2.txt",