modsecurity-waf/nginx-waf/waf_rule_config

63 lines
5.1 KiB
Plaintext

# WAF version, Description, Filename, Config Token, Default, Severity
2.5.12,NULL,00_asl_0_global.conf,NULL,yes,NULL,NULL,NULL
2.5.12,NULL,malware-blacklist.txt,NULL,yes,NULL,NULL,NULL
2.5.12,RBL Ruleset,00_asl_rbl.conf,MODSEC_00_RBL,no,low,NULL,NULL
2.7.0,Bogus Search Engine Ruleset,00_asl_y_searchengines.conf,MODSEC_00_SEARCHENGINE,no,high,replaced-by-lua,2.9.0
2.6.6,Autowhitelist Search Engine Ruleset,00_asl_x_searchengines.conf,MODSEC_00_AUTOWHITELIST_SEARCHENGINE,no,low,NULL,2.9.0
2.6.1,Antievasion Ruleset,00_asl_z_antievasion.conf,MODSEC_00_ANTIEVASION,yes,high,NULL,NULL
2.7.0,Strict Multiform Ruleset,00_asl_zz_strict.conf,MODSEC_00_STRICT,yes,moderate,NULL,NULL
2.7.7,Threat Intelligence Ruleset,00_asl_z_aa_threat_intelligence.conf,MODSEC_00_THREAT,no,moderate,NULL,NULL
2.7.7,NULL,999_asl_threat_intelligence.conf,MODSEC_00_THREAT,no,moderate,NULL,NULL
2.7.7,NULL,99_asl_zzzz_threat_intelligence.conf,MODSEC_00_THREAT,no,moderate,NULL,NULL
2.5.12,Whitelist Ruleset,00_asl_whitelist.conf,MODSEC_00_WHITELIST,no,pass,NULL,NULL
2.5.12,Whitelist Ruleset,00_asl_accesslist.conf,MODSEC_00_ACCESSLIST,no,pass,NULL,NULL
2.9.0,Blacklist Ruleset,00_asl_blacklist.conf,MODSEC_00_BLACKLIST,no,pass,NULL,NULL
2.6.3,Advanced Antievasion Ruleset,01_asl_content.conf,MODSEC_01_RULES,yes,high,NULL,NULL
2.9.0,NULL,01_asl_content_z.conf,MODSEC_01_RULES,yes,high,NULL,NULL
2.7.8,Custom Domain block Ruleset,01_asl_domain_blocks.conf,MODSEC_01_DOMAIN_BLOCKS,no,pass,NULL,NULL
2.7.2,Slow Denial of Service Protection,03_asl_dos.conf,MODSEC_03_DOS,yes,high,NULL,NULL
2.9.0,Custom User Defined Honeypot Ruleset,06_asl_honeypot.conf,MODSEC_06_HONEYPOT,no,pass,NULL,NULL
2.9.0,NULL,honeypot-files.txt,MODSEC_06_HONEYPOT,no,pass,NULL,NULL
2.7.2,NULL,000000_asl_modreqtimeout.conf,MODSEC_03_DOS,yes,high,NULL,NULL
2.5.12,Exclude Ruleset,05_asl_exclude.conf,NULL,yes,pass,NULL,NULL
2.5.12,Anti-Malware Ruleset,10_asl_antimalware.conf,MODSEC_10_ANTIMALWARE,yes,high,NULL,NULL
2.7.3,Application Specific Rules,01_asl_rules_special.conf,MODSEC_01_APP_RULES,no,low,NULL,NULL
2.9.0,Generic Attack Ruleset,10_asl_rules.conf,MODSEC_10_RULES,yes,high,NULL,NULL
2.6.1,NULL,09_asl_rules.conf,MODSEC_10_RULES,yes,high,NULL,NULL
2.5.12,NULL,sql.txt,MODSEC_10_RULES,yes,high,NULL,NULL
2.9.1,NULL,os_files.txt,MODSEC_10_RULES,yes,high,NULL,NULL
2.6.3,NULL,11_asl_rules.conf,MODSEC_10_RULES,yes,high,NULL,NULL
2.9.2,Advanced Attack Ruleset,11_asl_adv_rules.conf,MODSEC_11_ADV_RULES,yes,high,NULL,NULL
2.9.2,Advanced Attack Ruleset,php_variables.txt,MODSEC_11_ADV_RULES,yes,high,NULL,NULL
2.9.2,Advanced Attack Ruleset,php_function_names.txt,MODSEC_11_ADV_RULES,yes,high,NULL,NULL
2.6.1,Data Loss Protection Ruleset,11_asl_data_loss.conf,MODSEC_11_DLP,no,moderate,NULL,NULL
2.9.1,Brute Force Protection Ruleset,12_asl_brute.conf,MODSEC_12_BRUTE,yes,moderate,NULL,NULL
2.9.2,Advanced Command Injection Ruleset,13_asl_command_injection.conf,MODSEC_13_ADV_CMD,no,moderate,NULL,NULL
2.9.1,Supplemental Brute Force Protection Ruleset,11_asl_brute_enhanced.conf,MODSEC_11_BRUTE,no,low,NULL,NULL
2.9.1,NULL,13_asl_brute_enhanced.conf,MODSEC_11_BRUTE,no,low,NULL,NULL
2.9.0,Advanced XSS Protection Ruleset,12_asl_adv_xss_rules.conf,MODSEC_12_ADV_XSS_RULES,yes,moderate,NULL,NULL
2.5.12,Malicious Useragents Ruleset,20_asl_useragents.conf,MODSEC_20_USERAGENTS,yes,low,NULL,NULL
2.9.0,User Defined Malicious Useragents Ruleset,21_asl_useragents.conf,MODSEC_21_USERAGENTS,no,pass,NULL,NULL
2.9.0,NULL,bad_agents.txt,MODSEC_21_USERAGENTS,no,pass,NULL,NULL
2.5.12,Anti-Spam Ruleset,30_asl_antispam.conf,MODSEC_30_ANTISPAM,no,low,NULL,NULL
2.5.12,NULL,domain-spam-whitelist.txt,MODSEC_30_ANTISPAM,no,low,NULL,NULL
# retired for the .txt extension
2.5.12,NULL,domain-spam-whitelist.conf,MODSEC_30_ANTISPAM,no,low,NULL,NULL
2.5.12,NULL,domain-blacklist.txt,MODSEC_30_ANTISPAM,no,low,NULL,NULL
2.5.12,NULL,spam.data,MODSEC_30_ANTISPAM,no,low,NULL,NULL
2.6.2,Anti-Spam URI RBL Ruleset,31_asl_urispam.conf,MODSEC_31_ANTISPAM_URI,no,low,NULL,NULL
2.5.12,Rootkit Detection Ruleset,50_asl_rootkits.conf,MODSEC_50_ROOTKITS,yes,low,NULL,NULL
2.5.12,NULL,51_asl_rootkits.conf,MODSEC_50_ROOTKITS,yes,low,NULL,NULL
2.5.12,Extra Wordpress Protection Ruleset,51_asl_wordpress_extra.conf,MODSEC_51_WORDPRESS,no,low,NULL,NULL
2.5.12,NULL,malware_names.txt,MODSEC_50_ROOTKITS,yes,low,NULL,NULL
2.5.12,Reconnaissance Attacks Ruleset,60_asl_recons.conf,MODSEC_60_RECONS,no,low,NULL,NULL
2.5.12,Data Leak Prevention Ruleset,61_asl_recons_dlp.conf,MODSEC_61_RECONS_DLP,yes,low,NULL,NULL
2.7.5,Advanced Malware Removal Ruleset,98_asl_adv_redactor.conf,MODSEC_98_ADV_REDACTOR,no,moderate,NULL,NULL
2.5.12,NULL,99_asl_exclude.conf,NULL,yes,NULL,NULL,NULL
2.5.12,Just In Time Patches,99_asl_jitp.conf,MODSEC_99_JITP,yes,high,NULL,NULL
2.5.12,Basic Malware Removal Ruleset,99_asl_redactor.conf,MODSEC_99_REDACTOR,no,moderate,NULL,NULL
2.5.12,Malicious Output Detector,99_asl_redactor_post.conf,MODSEC_99_MALWARE_OUTPUT,no,moderate,NULL,NULL
2.5.12,NULL,99_asl_a_redactor.conf,MODSEC_99_MALWARE_OUTPUT,no,moderate,NULL,NULL
2.5.12,Web Malware Upload Scanner,99_asl_scanner.conf,MODSEC_99_SCANNER,no,high,NULL,NULL
2.9.0,NULL,98_asl_scanner.conf,MODSEC_99_SCANNER,no,high,NULL,NULL