1[ 2 { 3 "enabled": 1, 4 "version_min": 300000, 5 "version_max": 0, 6 "title": "actions :: trim,deny", 7 "client": { 8 "ip": "200.249.12.31", 9 "port": 2313 10 }, 11 "server": { 12 "ip": "200.249.12.31", 13 "port": 80 14 }, 15 "request": { 16 "headers": { 17 "Host": "net.tutsplus.com", 18 "User-Agent": "Mozilla\/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.1.5) Gecko\/20091102 Firefox\/3.5.5 (.NET CLR 3.5.30729)", 19 "Accept": "text\/html,application\/xhtml+xml,application\/xml;q=0.9,*\/*;q=0.8", 20 "Accept-Language": "en-us,en;q=0.5", 21 "Accept-Encoding": "gzip,deflate", 22 "Accept-Charset": "ISO-8859-1,utf-8;q=0.7,*;q=0.7", 23 "Keep-Alive": "300", 24 "Connection": "keep-alive", 25 "Cookie": "PHPSESSID=r2t5uvjq435r4q7ib3vtdjq120", 26 "Pragma": "no-cache", 27 "Cache-Control": "no-cache" 28 }, 29 "uri": "\/test.pl?param1= test ¶m2=test2", 30 "method": "GET", 31 "http_version": 1.1, 32 "body": "" 33 }, 34 "response": { 35 "headers": { 36 "Content-Type": "text\/xml; charset=utf-8\n\r", 37 "Content-Length": "length\n\r" 38 }, 39 "body": [ 40 "<?xml version=\"1.0\" encoding=\"utf-8\"?>\n\r", 41 "<soap:Envelope xmlns:xsi=\"http:\/\/www.w3.org\/2001\/XMLSchema-instance\" xmlns:xsd=\"http:\/\/www.w3.org\/2001\/XMLSchema\" xmlns:soap=\"http:\/\/schemas.xmlsoap.org\/soap\/envelope\/\">\n\r", 42 " <soap:Body>\n\r", 43 " <EnlightenResponse xmlns=\"http:\/\/clearforest.com\/\">\n\r", 44 " <EnlightenResult>string<\/EnlightenResult>\n\r", 45 " <\/EnlightenResponse>\n\r", 46 " <\/soap:Body>\n\r", 47 "<\/soap:Envelope>\n\r" 48 ] 49 }, 50 "expected": { 51 "audit_log": "", 52 "debug_log": "\\[9\\] T \\(0\\) t:trim: \"test", 53 "error_log": "", 54 "http_code": 403 55 }, 56 "rules": [ 57 "SecRuleEngine On", 58 "SecResponseBodyAccess On", 59 "SecRule ARGS \"@contains test\" \"id:1,t:trim,deny\"" 60 ] 61 }, 62 { 63 "enabled": 1, 64 "version_min": 300000, 65 "version_max": 0, 66 "title": "actions :: trim,redirect:'http://www.google.com'", 67 "client": { 68 "ip": "200.249.12.31", 69 "port": 2313 70 }, 71 "server": { 72 "ip": "200.249.12.31", 73 "port": 80 74 }, 75 "request": { 76 "headers": { 77 "Host": "net.tutsplus.com", 78 "User-Agent": "Mozilla\/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.1.5) Gecko\/20091102 Firefox\/3.5.5 (.NET CLR 3.5.30729)", 79 "Accept": "text\/html,application\/xhtml+xml,application\/xml;q=0.9,*\/*;q=0.8", 80 "Accept-Language": "en-us,en;q=0.5", 81 "Accept-Encoding": "gzip,deflate", 82 "Accept-Charset": "ISO-8859-1,utf-8;q=0.7,*;q=0.7", 83 "Keep-Alive": "300", 84 "Connection": "keep-alive", 85 "Cookie": "PHPSESSID=r2t5uvjq435r4q7ib3vtdjq120", 86 "Pragma": "no-cache", 87 "Cache-Control": "no-cache" 88 }, 89 "uri": "\/test.pl?param1= test ¶m2=test2", 90 "method": "GET", 91 "http_version": 1.1, 92 "body": "" 93 }, 94 "response": { 95 "headers": { 96 "Content-Type": "text\/xml; charset=utf-8\n\r", 97 "Content-Length": "length\n\r" 98 }, 99 "body": [ 100 "<?xml version=\"1.0\" encoding=\"utf-8\"?>\n\r", 101 "<soap:Envelope xmlns:xsi=\"http:\/\/www.w3.org\/2001\/XMLSchema-instance\" xmlns:xsd=\"http:\/\/www.w3.org\/2001\/XMLSchema\" xmlns:soap=\"http:\/\/schemas.xmlsoap.org\/soap\/envelope\/\">\n\r", 102 " <soap:Body>\n\r", 103 " <EnlightenResponse xmlns=\"http:\/\/clearforest.com\/\">\n\r", 104 " <EnlightenResult>string<\/EnlightenResult>\n\r", 105 " <\/EnlightenResponse>\n\r", 106 " <\/soap:Body>\n\r", 107 "<\/soap:Envelope>\n\r" 108 ] 109 }, 110 "expected": { 111 "audit_log": "", 112 "debug_log": "\\[9\\] T \\(0\\) t:trim: \"test", 113 "error_log": "", 114 "http_code": 302, 115 "redirect_url": "http://www.google.com" 116 }, 117 "rules": [ 118 "SecRuleEngine On", 119 "SecRule ARGS \"@contains test\" \"id:1,t:trim,redirect:'http://www.google.com'\"" 120 ] 121 }, 122 { 123 "enabled": 1, 124 "version_min": 300000, 125 "version_max": 0, 126 "title": "actions :: trim,status:306,redirect:http://www.google.com", 127 "client": { 128 "ip": "200.249.12.31", 129 "port": 2313 130 }, 131 "server": { 132 "ip": "200.249.12.31", 133 "port": 80 134 }, 135 "request": { 136 "headers": { 137 "Host": "net.tutsplus.com", 138 "User-Agent": "Mozilla\/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.1.5) Gecko\/20091102 Firefox\/3.5.5 (.NET CLR 3.5.30729)", 139 "Accept": "text\/html,application\/xhtml+xml,application\/xml;q=0.9,*\/*;q=0.8", 140 "Accept-Language": "en-us,en;q=0.5", 141 "Accept-Encoding": "gzip,deflate", 142 "Accept-Charset": "ISO-8859-1,utf-8;q=0.7,*;q=0.7", 143 "Keep-Alive": "300", 144 "Connection": "keep-alive", 145 "Cookie": "PHPSESSID=r2t5uvjq435r4q7ib3vtdjq120", 146 "Pragma": "no-cache", 147 "Cache-Control": "no-cache" 148 }, 149 "uri": "\/test.pl?param1= test ¶m2=test2", 150 "method": "GET", 151 "http_version": 1.1, 152 "body": "" 153 }, 154 "response": { 155 "headers": { 156 "Content-Type": "text\/xml; charset=utf-8\n\r", 157 "Content-Length": "length\n\r" 158 }, 159 "body": [ 160 "<?xml version=\"1.0\" encoding=\"utf-8\"?>\n\r", 161 "<soap:Envelope xmlns:xsi=\"http:\/\/www.w3.org\/2001\/XMLSchema-instance\" xmlns:xsd=\"http:\/\/www.w3.org\/2001\/XMLSchema\" xmlns:soap=\"http:\/\/schemas.xmlsoap.org\/soap\/envelope\/\">\n\r", 162 " <soap:Body>\n\r", 163 " <EnlightenResponse xmlns=\"http:\/\/clearforest.com\/\">\n\r", 164 " <EnlightenResult>string<\/EnlightenResult>\n\r", 165 " <\/EnlightenResponse>\n\r", 166 " <\/soap:Body>\n\r", 167 "<\/soap:Envelope>\n\r" 168 ] 169 }, 170 "expected": { 171 "audit_log": "", 172 "debug_log": "\\[9\\] T \\(0\\) t:trim: \"test", 173 "error_log": "", 174 "http_code": 306, 175 "redirect_url": "http://www.google.com" 176 }, 177 "rules": [ 178 "SecRuleEngine On", 179 "SecRule ARGS \"@contains test\" \"id:1,t:trim,status:306,redirect:'http://www.google.com'\"" 180 ] 181 }, 182 { 183 "enabled": 1, 184 "version_min": 300000, 185 "version_max": 0, 186 "title": "actions :: trim,status:500", 187 "client": { 188 "ip": "200.249.12.31", 189 "port": 2313 190 }, 191 "server": { 192 "ip": "200.249.12.31", 193 "port": 80 194 }, 195 "request": { 196 "headers": { 197 "Host": "net.tutsplus.com", 198 "User-Agent": "Mozilla\/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.1.5) Gecko\/20091102 Firefox\/3.5.5 (.NET CLR 3.5.30729)", 199 "Accept": "text\/html,application\/xhtml+xml,application\/xml;q=0.9,*\/*;q=0.8", 200 "Accept-Language": "en-us,en;q=0.5", 201 "Accept-Encoding": "gzip,deflate", 202 "Accept-Charset": "ISO-8859-1,utf-8;q=0.7,*;q=0.7", 203 "Keep-Alive": "300", 204 "Connection": "keep-alive", 205 "Cookie": "PHPSESSID=r2t5uvjq435r4q7ib3vtdjq120", 206 "Pragma": "no-cache", 207 "Cache-Control": "no-cache" 208 }, 209 "uri": "\/test.pl?param1= test ¶m2=test2", 210 "method": "GET", 211 "http_version": 1.1, 212 "body": "" 213 }, 214 "response": { 215 "headers": { 216 "Content-Type": "text\/xml; charset=utf-8\n\r", 217 "Content-Length": "length\n\r" 218 }, 219 "body": [ 220 "<?xml version=\"1.0\" encoding=\"utf-8\"?>\n\r", 221 "<soap:Envelope xmlns:xsi=\"http:\/\/www.w3.org\/2001\/XMLSchema-instance\" xmlns:xsd=\"http:\/\/www.w3.org\/2001\/XMLSchema\" xmlns:soap=\"http:\/\/schemas.xmlsoap.org\/soap\/envelope\/\">\n\r", 222 " <soap:Body>\n\r", 223 " <EnlightenResponse xmlns=\"http:\/\/clearforest.com\/\">\n\r", 224 " <EnlightenResult>string<\/EnlightenResult>\n\r", 225 " <\/EnlightenResponse>\n\r", 226 " <\/soap:Body>\n\r", 227 "<\/soap:Envelope>\n\r" 228 ] 229 }, 230 "expected": { 231 "audit_log": "", 232 "debug_log": "\\[9\\] T \\(0\\) t:trim: \"test", 233 "error_log": "", 234 "http_code": 500 235 }, 236 "rules": [ 237 "SecRuleEngine On", 238 "SecRule ARGS \"@contains test\" \"id:1,t:trim,deny,status:500\"" 239 ] 240 }, 241 { 242 "enabled": 1, 243 "version_min": 300000, 244 "version_max": 0, 245 "title": "actions :: phase:2,trim,status:500,deny", 246 "client": { 247 "ip": "200.249.12.31", 248 "port": 2313 249 }, 250 "server": { 251 "ip": "200.249.12.31", 252 "port": 80 253 }, 254 "request": { 255 "headers": { 256 "Host": "net.tutsplus.com", 257 "User-Agent": "Mozilla\/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.1.5) Gecko\/20091102 Firefox\/3.5.5 (.NET CLR 3.5.30729)", 258 "Accept": "text\/html,application\/xhtml+xml,application\/xml;q=0.9,*\/*;q=0.8", 259 "Accept-Language": "en-us,en;q=0.5", 260 "Accept-Encoding": "gzip,deflate", 261 "Accept-Charset": "ISO-8859-1,utf-8;q=0.7,*;q=0.7", 262 "Keep-Alive": "300", 263 "Connection": "keep-alive", 264 "Cookie": "PHPSESSID=r2t5uvjq435r4q7ib3vtdjq120", 265 "Pragma": "no-cache", 266 "Cache-Control": "no-cache" 267 }, 268 "uri": "\/test.pl?param1= test ¶m2=test2", 269 "method": "GET", 270 "http_version": 1.1, 271 "body": "" 272 }, 273 "response": { 274 "headers": { 275 "Content-Type": "text\/xml; charset=utf-8\n\r", 276 "Content-Length": "length\n\r" 277 }, 278 "body": [ 279 "<?xml version=\"1.0\" encoding=\"utf-8\"?>\n\r", 280 "<soap:Envelope xmlns:xsi=\"http:\/\/www.w3.org\/2001\/XMLSchema-instance\" xmlns:xsd=\"http:\/\/www.w3.org\/2001\/XMLSchema\" xmlns:soap=\"http:\/\/schemas.xmlsoap.org\/soap\/envelope\/\">\n\r", 281 " <soap:Body>\n\r", 282 " <EnlightenResponse xmlns=\"http:\/\/clearforest.com\/\">\n\r", 283 " <EnlightenResult>string<\/EnlightenResult>\n\r", 284 " <\/EnlightenResponse>\n\r", 285 " <\/soap:Body>\n\r", 286 "<\/soap:Envelope>\n\r" 287 ] 288 }, 289 "expected": { 290 "audit_log": "", 291 "debug_log": "\\[9\\] T \\(0\\) t:trim: \"test", 292 "error_log": "", 293 "http_code": 500 294 }, 295 "rules": [ 296 "SecRuleEngine On", 297 "SecRule ARGS \"@contains test\" \"id:1,phase:2,t:trim,status:500,deny\"" 298 ] 299 }, 300 { 301 "enabled": 1, 302 "version_min": 300000, 303 "version_max": 0, 304 "title": "actions :: phase:4,trim,status:500,deny", 305 "client": { 306 "ip": "200.249.12.31", 307 "port": 2313 308 }, 309 "server": { 310 "ip": "200.249.12.31", 311 "port": 80 312 }, 313 "request": { 314 "headers": { 315 "Host": "net.tutsplus.com", 316 "User-Agent": "Mozilla\/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.1.5) Gecko\/20091102 Firefox\/3.5.5 (.NET CLR 3.5.30729)", 317 "Accept": "text\/html,application\/xhtml+xml,application\/xml;q=0.9,*\/*;q=0.8", 318 "Accept-Language": "en-us,en;q=0.5", 319 "Accept-Encoding": "gzip,deflate", 320 "Accept-Charset": "ISO-8859-1,utf-8;q=0.7,*;q=0.7", 321 "Keep-Alive": "300", 322 "Connection": "keep-alive", 323 "Cookie": "PHPSESSID=r2t5uvjq435r4q7ib3vtdjq120", 324 "Pragma": "no-cache", 325 "Cache-Control": "no-cache" 326 }, 327 "uri": "\/test.pl?param1= test ¶m2=test2", 328 "method": "GET", 329 "http_version": 1.1, 330 "body": "" 331 }, 332 "response": { 333 "headers": { 334 "Content-Type": "text\/xml; charset=utf-8\n\r", 335 "Content-Length": "length\n\r" 336 }, 337 "body": [ 338 "<?xml version=\"1.0\" encoding=\"utf-8\"?>\n\r", 339 "<soap:Envelope xmlns:xsi=\"http:\/\/www.w3.org\/2001\/XMLSchema-instance\" xmlns:xsd=\"http:\/\/www.w3.org\/2001\/XMLSchema\" xmlns:soap=\"http:\/\/schemas.xmlsoap.org\/soap\/envelope\/\">\n\r", 340 " <soap:Body>\n\r", 341 " <EnlightenResponse xmlns=\"http:\/\/clearforest.com\/\">\n\r", 342 " <EnlightenResult>string<\/EnlightenResult>\n\r", 343 " <\/EnlightenResponse>\n\r", 344 " <\/soap:Body>\n\r", 345 "<\/soap:Envelope>\n\r" 346 ] 347 }, 348 "expected": { 349 "audit_log": "", 350 "debug_log": "\\[9\\] T \\(0\\) t:trim: \"test", 351 "error_log": "", 352 "http_code": 500 353 }, 354 "rules": [ 355 "SecRuleEngine On", 356 "SecResponseBodyAccess On", 357 "SecRule ARGS \"@contains test\" \"id:1,phase:4,t:trim,status:500,deny\"" 358 ] 359 } 360] 361