1[ 2 { 3 "enabled":1, 4 "version_min":300000, 5 "version_max":0, 6 "title":"SecComponentSignature", 7 "client": { 8 "ip": "200.249.12.31", 9 "port": 2313 10 }, 11 "server": { 12 "ip": "200.249.12.31", 13 "port": 80 14 }, 15 "request": { 16 "headers": { 17 "Host": "www.modsecurity.org", 18 "User-Agent": "Mozilla\/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.1.5) Gecko\/20091102 Firefox\/3.5.5 (.NET CLR 3.5.30729)", 19 "Accept": "text\/html,application\/xhtml+xml,application\/xml;q=0.9,*\/*;q=0.8", 20 "Accept-Language": "en-us,en;q=0.5", 21 "Accept-Encoding": "gzip,deflate", 22 "Accept-Charset": "ISO-8859-1,utf-8;q=0.7,*;q=0.7", 23 "Keep-Alive": "300", 24 "Connection": "keep-alive", 25 "Pragma": "no-cache", 26 "Cache-Control": "no-cache" 27 }, 28 "uri": "\/test.pl?param1= test ¶m2=test2", 29 "method": "GET", 30 "http_version": 1.1, 31 "body": "" 32 }, 33 "response": { 34 "headers": { 35 "Content-Type": "plain\/text\n\r" 36 }, 37 "body": [ 38 "test" 39 ] 40 }, 41 "expected":{ 42 "audit_log":"", 43 "debug_log":".*", 44 "error_log":"", 45 "http_code": 403 46 }, 47 "rules":[ 48 "SecRuleEngine On", 49 "SecComponentSignature \"OWASP_CRS/2.2.9\"", 50 "SecRule ARGS \"@contains test\" \"id:1,t:trim,deny,status:403,auditlog\"" 51 ] 52 } 53] 54