1### Tests for rule exceptions 2 3# SecRuleRemoveById 4{ 5 type => "rule", 6 comment => "SecRuleRemoveById (single)", 7 conf => qq( 8 SecRuleEngine On 9 SecDebugLog $ENV{DEBUG_LOG} 10 SecDebugLogLevel 9 11 SecRule REQUEST_URI "test" "phase:1,deny,status:500,id:101010" 12 SecRuleRemoveById 101010 13 ), 14 match_log => { 15 -error => [ qr/101010/, 1 ], 16 -audit => [ qr/./, 1 ], 17 debug => [ qr/Starting phase REQUEST_HEADERS\..*This phase consists of 0 rule.*Starting phase RESPONSE_HEADERS\./s, 1 ], 18 -debug => [ qr/Access denied/, 1 ], 19 }, 20 match_response => { 21 status => qr/^200$/, 22 }, 23 request => new HTTP::Request( 24 GET => "http://$ENV{SERVER_NAME}:$ENV{SERVER_PORT}/test.txt", 25 ), 26}, 27{ 28 type => "rule", 29 comment => "SecRuleRemoveById (multiple)", 30 conf => qq( 31 SecRuleEngine On 32 SecDebugLog $ENV{DEBUG_LOG} 33 SecDebugLogLevel 9 34 SecRule REQUEST_URI "test" "phase:1,deny,status:500,id:101010" 35 SecRule REQUEST_URI "test" "phase:1,deny,status:500,id:202020" 36 SecRule REQUEST_URI "test" "phase:1,deny,status:500,id:303030" 37 SecRuleRemoveById 101010 202020 303030 38 ), 39 match_log => { 40 -error => [ qr/101010|202020|303030/, 1 ], 41 -audit => [ qr/./, 1 ], 42 debug => [ qr/Starting phase REQUEST_HEADERS\..*This phase consists of 0 rule.*Starting phase RESPONSE_HEADERS\./s, 1 ], 43 -debug => [ qr/Access denied/, 1 ], 44 }, 45 match_response => { 46 status => qr/^200$/, 47 }, 48 request => new HTTP::Request( 49 GET => "http://$ENV{SERVER_NAME}:$ENV{SERVER_PORT}/test.txt", 50 ), 51}, 52{ 53 type => "rule", 54 comment => "SecRuleRemoveById (range)", 55 conf => qq( 56 SecRuleEngine On 57 SecDebugLog $ENV{DEBUG_LOG} 58 SecDebugLogLevel 9 59 SecRule REQUEST_URI "test" "phase:1,deny,status:500,id:101010" 60 SecRule REQUEST_URI "test" "phase:1,deny,status:500,id:202020" 61 SecRule REQUEST_URI "test" "phase:1,deny,status:500,id:303030" 62 SecRuleRemoveById 101010-303030 63 ), 64 match_log => { 65 -error => [ qr/101010|202020|303030/, 1 ], 66 -audit => [ qr/./, 1 ], 67 debug => [ qr/Starting phase REQUEST_HEADERS\..*This phase consists of 0 rule.*Starting phase RESPONSE_HEADERS\./s, 1 ], 68 -debug => [ qr/Access denied/, 1 ], 69 }, 70 match_response => { 71 status => qr/^200$/, 72 }, 73 request => new HTTP::Request( 74 GET => "http://$ENV{SERVER_NAME}:$ENV{SERVER_PORT}/test.txt", 75 ), 76}, 77{ 78 type => "rule", 79 comment => "SecRuleRemoveById (multiple + range)", 80 conf => qq( 81 SecRuleEngine On 82 SecDebugLog $ENV{DEBUG_LOG} 83 SecDebugLogLevel 9 84 SecRule REQUEST_URI "test" "phase:1,deny,status:500,id:101010" 85 SecRule REQUEST_URI "test" "phase:1,deny,status:500,id:202020" 86 SecRule REQUEST_URI "test" "phase:1,deny,status:500,id:303030" 87 SecRule REQUEST_URI "test" "phase:1,deny,status:500,id:404040" 88 SecRuleRemoveById 101010 202020-404040 89 ), 90 match_log => { 91 -error => [ qr/101010|202020|303030|404040/, 1 ], 92 -audit => [ qr/./, 1 ], 93 debug => [ qr/Starting phase REQUEST_HEADERS\..*This phase consists of 0 rule.*Starting phase RESPONSE_HEADERS\./s, 1 ], 94 -debug => [ qr/Access denied/, 1 ], 95 }, 96 match_response => { 97 status => qr/^200$/, 98 }, 99 request => new HTTP::Request( 100 GET => "http://$ENV{SERVER_NAME}:$ENV{SERVER_PORT}/test.txt", 101 ), 102}, 103 104# SecRuleRemoveByMsg 105{ 106 type => "rule", 107 comment => "SecRuleRemoveByMsg", 108 conf => qq( 109 SecRuleEngine On 110 SecDebugLog $ENV{DEBUG_LOG} 111 SecDebugLogLevel 9 112 SecRule REQUEST_URI "test" "phase:1,deny,status:500,msg:'testing rule',id:500001" 113 SecRuleRemoveByMsg "testing rule" 114 ), 115 match_log => { 116 -error => [ qr/500001/, 1 ], 117 -audit => [ qr/./, 1 ], 118 debug => [ qr/Starting phase REQUEST_HEADERS\..*This phase consists of 0 rule.*Starting phase RESPONSE_HEADERS\./s, 1 ], 119 -debug => [ qr/Access denied/, 1 ], 120 }, 121 match_response => { 122 status => qr/^200$/, 123 }, 124 request => new HTTP::Request( 125 GET => "http://$ENV{SERVER_NAME}:$ENV{SERVER_PORT}/test.txt", 126 ), 127}, 128 129 130