D7net
Home
Console
Upload
information
Create File
Create Folder
About
Tools
:
/
etc
/
apache2
/
conf.d
/
imh-modsec
/
Filename :
31_shellshock.conf
back
Copy
# both.conf # Rules intended to potentially mitigate the BASH "shellshock" bug # T3 Trac #8148 (https://trac.imhtech.net/T3/ticket/8148) SecRule REQUEST_HEADERS "^\(\) {" \ "phase:1,deny,id:13100,t:urlDecode,status:403,log,\ msg:'CVE-2014-6271 - Bash Attack'" SecRule REQUEST_LINE "\(\) {" \ "phase:1,deny,id:13101,status:403,log,\ msg:'CVE-2014-6271 - Bash Attack'" SecRule ARGS_NAMES "^\(\) {" \ "phase:2,deny,id:13102,t:urlDecode,t:urlDecodeUni,status:403,log,\ msg:'CVE-2014-6271 - Bash Attack'" SecRule ARGS "^\(\) {" \ "phase:2,deny,id:13103,t:urlDecode,t:urlDecodeUni,status:403,log,\ msg:'CVE-2014-6271 - Bash Attack'" SecRule FILES_NAMES "^\(\) {" \ "phase:2,deny,id:13104,t:urlDecode,t:urlDecodeUni,status:403,log,\ msg:'CVE-2014-6271 - Bash Attack'"