1 ### Tests for basic rule components
6 comment => "SecAction (override default)",
9 SecDebugLog $ENV{DEBUG_LOG}
14 -error => [ qr/ModSecurity: /, 1 ],
15 -audit => [ qr/./, 1 ],
16 debug => [ qr/Warning\. Unconditional match in SecAction\./, 1 ],
21 request => new HTTP::Request(
22 GET => "http://$ENV{SERVER_NAME}:$ENV{SERVER_PORT}/test.txt",
29 comment => "SecRule (no action)",
32 SecDebugLog $ENV{DEBUG_LOG}
34 SecDefaultAction "phase:2,deny,status:403"
35 SecRule ARGS:test "value"
38 error => [ qr/ModSecurity: /, 1 ],
39 debug => [ qr/Rule [0-9a-f]+: SecRule "ARGS:test" "\@rx value" "phase:2,deny,status:403"$/m, 1 ],
44 request => new HTTP::Request(
45 GET => "http://$ENV{SERVER_NAME}:$ENV{SERVER_PORT}/test.txt?test=value",
50 comment => "SecRule (action)",
53 SecDebugLog $ENV{DEBUG_LOG}
55 SecDefaultAction "phase:2,pass"
56 SecRule ARGS:test "value" "deny,status:403"
59 error => [ qr/ModSecurity: /, 1 ],
60 debug => [ qr/Rule [0-9a-f]+: SecRule "ARGS:test" "\@rx value" "phase:2,deny,status:403"$/m, 1 ],
65 request => new HTTP::Request(
66 GET => "http://$ENV{SERVER_NAME}:$ENV{SERVER_PORT}/test.txt?test=value",
71 comment => "SecRule (chain)",
74 SecDebugLog $ENV{DEBUG_LOG}
76 SecDefaultAction "phase:2,log,noauditlog,pass,tag:foo"
77 SecRule ARGS:test "value" "chain,phase:2,deny,status:403"
78 SecRule &ARGS "\@eq 1" "chain,setenv:tx.foo=bar"
79 SecRule REQUEST_METHOD "\@streq GET"
82 error => [ qr/ModSecurity: /, 1 ],
83 debug => [ qr/Rule [0-9a-f]+: SecRule "ARGS:test" "\@rx value" "phase:2,log,noauditlog,tag:foo,chain,deny,status:403"\r?\n.*Rule [0-9a-f]+: SecRule "&ARGS" "\@eq 1" "chain,setenv:tx.foo=bar"\r?\n.*Rule [0-9a-f]+: SecRule "REQUEST_METHOD" "\@streq GET"\r?\n/s, 1 ],
88 request => new HTTP::Request(
89 GET => "http://$ENV{SERVER_NAME}:$ENV{SERVER_PORT}/test.txt?test=value",