Reference Manual: https://sourceforge.net/apps/mediawiki/mod-security/index.php?title=Reference_Manual#SecRequestBodyAccess<http://sourceforge.net/apps/mediawiki/mod-security/index.php?title=Reference_Manual#SecRuleEngine>
Current setting: # -- Request body handling --------------------------------------------------- # Allow ModSecurity to access request bodies. If you don't, ModSecurity # won't be able to see any POST parameters, which opens a large security # hole for attackers to exploit. # SecRequestBodyAccess On Rationale: If the protected application accepts POST requests which pass parameter data in the REQUEST_BODY, then this should be set to On. If this is not set to on, then there is large false negative/bypass evasion issue as ARGS would only ever inspect QUERY_STRING parameters. Being able to inspect POST request bodies is one of the main advantages that ModSecurity has over other Apache modules such mod_rewrite. ________________________________ This transmission may contain information that is privileged, confidential, and/or exempt from disclosure under applicable law. If you are not the intended recipient, you are hereby notified that any disclosure, copying, distribution, or use of the information contained herein (including any reliance thereon) is STRICTLY PROHIBITED. If you received this transmission in error, please immediately contact the sender and destroy the material in its entirety, whether in electronic or hard copy format. _______________________________________________ Owasp-modsecurity-core-rule-set mailing list [email protected] https://lists.owasp.org/mailman/listinfo/owasp-modsecurity-core-rule-set
