# --------------------------------------------------------------- # ModSecurity Rules # Generated by Netsparker Enterprise # --------------------------------------------------------------- SecRule REQUEST_URI "^\/hello\.php""phase:2,chain,deny,msg:'Netsparker Cloud - Code Evaluation (PHP): /hello.php [name]',id:'134993',severity:'2'" SecRule ARGS:name "'|%27|\"|%22|;|%3b|\+|%2b|/|%2f" SecRule REQUEST_URI "^\/products\.php""phase:2,chain,deny,msg:'Netsparker Cloud - Cross-site Scripting: /products.php [pro]',id:'282128',severity:'2'" SecRule ARGS:pro "<|%3c|%253c|>|%3e|%253e|;|%3b|'| %27 |\"|%22" SecRule REQUEST_URI "^\/auth\/xss\.php""phase:2,chain,deny,msg:'Netsparker Cloud - Cross-site Scripting: /auth/xss.php [search]',id:'622567',severity:'2'" SecRule ARGS:search "<|%3c|%253c|>|%3e|%253e|;|%3b|'| %27 |\"|%22" SecRule REQUEST_URI "^\/artist\.php""phase:2,chain,deny,msg:'Netsparker Cloud - Frame Injection: /artist.php [id]',id:'878025',severity:'2'" SecRule ARGS:id "<|%3c|:|%3a|/|%2f|\|%5c" SecRule REQUEST_URI "^\/artist\.php""phase:2,chain,deny,msg:'Netsparker Cloud - Boolean Based SQL Injection: /artist.php [id]',id:'556573',severity:'2'" SecRule ARGS:id "'|%27|\"|%22|=|%3d" SecRule REQUEST_URI "^\/hello\.php""phase:2,chain,deny,msg:'Netsparker Cloud - Cross-site Scripting: /hello.php [name]',id:'561015',severity:'2'" SecRule ARGS:name "<|%3c|%253c|>|%3e|%253e|;|%3b|'| %27 |\"|%22" SecRule REQUEST_URI "^\/\.svn\/[^?]*( |%20|\n|$|\?|\/\?|\/\n|\/$|\/ |\/%20)""phase:2,deny,msg:'Netsparker Cloud - SVN Detected: /.svn/',id:'238772',severity:'2'" SecRule REQUEST_URI "^\/\.svn\/[^?]*( |%20|\n|$|\?|\/\?|\/\n|\/$|\/ |\/%20)""phase:2,deny,msg:'Netsparker Cloud - Directory Listing (Apache): /.svn/',id:'720773',severity:'2'" SecRule REQUEST_URI "^\/auth\/xss\.php""phase:2,chain,deny,msg:'Netsparker Cloud - Frame Injection: /auth/xss.php [search]',id:'212001',severity:'2'" SecRule ARGS:search "<|%3c|:|%3a|/|%2f|\|%5c" SecRule REQUEST_URI "^\/hello\.php""phase:2,chain,deny,msg:'Netsparker Cloud - Frame Injection: /hello.php [name]',id:'649640',severity:'2'" SecRule ARGS:name "<|%3c|:|%3a|/|%2f|\|%5c" SecRule REQUEST_URI "^\/""phase:2,deny,msg:'Netsparker Cloud - TRACE/TRACK Method Detected: /',id:'703248',severity:'2',chain" SecRule REQUEST_METHOD "^TRAC(E|K)$" SecRule REQUEST_URI "^\/artist\.php""phase:2,chain,deny,msg:'Netsparker Cloud - Cross-site Scripting: /artist.php [id]',id:'379683',severity:'2'" SecRule ARGS:id "<|%3c|%253c|>|%3e|%253e|;|%3b|'| %27 |\"|%22"