modsecurity系列三:规则2-Operators
来源:互联网 发布:运动装 休闲装 知乎 编辑:程序博客网 时间:2024/06/05 08:03
In the examples so far the assumption was that we are always going to use regular pattern matching against input. While regular expressions are very useful, there are often times when you want to do something else. That is when operators come to play. The truth is that ModSecurity always uses an operator, but that it assumes that you want to use regular patterns matching unless you specify an operator in a rule. So, to start with, here’s a rule that explicitly specifies an operator- -the regular pattern matching one!
SecRule ARGS:username "@rx ^(admin|root)$"
The above rule which checks if the requested username is admin or root. You may have
noticed a few things:
• Operators begin with a @ character.
• Operators are always placed at the beginning of the second SecRule token.
• There’s always a space after an operator. Whatever follows the space is the single operator
parameter. In the case of the @rx operator, the parameter is a regular expression.
• When you have a rule with an explicit operator you’ll need to use double quotes
around the token, because there’s always going to be a space character
String matching operators
String matching operators all take a string on input and attempt to match it to the provided
parameter. The @rx and @pm operators are the ones commonly used, because of their versatility
(@rx) and speed (@pm), but the remaining operators are also useful, especially if you
need variable expansion, which neither @rx nor @pm support.
常用的操作符如下
@beginsWith Begins with
@contains Contains
@endsWith Ends with
@rx Regular pattern match
@pm Parallel matching 相识匹配
@pmFromFile (@pmf in v2.6) Parallel matching, with arguments from a file
@streq String equal to
@within Within
Numerical operators
Numerical operators, in Table 5.10, “Numerical operators” make comparing numerical values
easy (previously you had to resort to using complex regular expressions).
Operator Description
@eq Equal
@ge Greater or equal
@gt Greater than
@le Less or equal
@lt Less than
Validation operators
Validation operators, in Table 5.11, “Validation operators”, all validate input in some way.
Operator Description
@validateByteRange Validates that parameter consists only of allowed byte values
@validateDTD Validates XML payload against a DTD
@validateSchema Validates XML payload against a Schema
@validateUrlEncoding Validates an URL-encoded string
@validateUtf8Encoding Validates an UTF-8 encoded string
Miscellaneous operators 其他操作
And, finally, there’s the miscellaneous category (Table 5.12, “Miscellaneous operators”),which offers some very useful functionality.
Operator Description
@geoLookup Determines the physical location of an IP address
@inspectFile Invokes an external script to inspect a file 调用外部脚本来检查一个文件
@rbl Looks parameter against a RBL (real-time block list)
@verifyCC Checks if the parameter is a valid credit card number 是否是有效的信用卡号码
- modsecurity系列三:规则2-Operators
- modsecurity系列三:规则1-Variables
- modsecurity系列三:规则3-Actions
- modsecurity系列四:规则实战2
- modsecurity系列四:规则实战1
- modsecurity系列一:简介
- ModSecurity OWASP 规则集说明
- modsecurity系列五:白名单
- modsecurity设置规则防止SQL注入
- WAFaas modsecurity整体规则的介绍
- ModSecurity
- caffe2--Operators(三)
- modsecurity系列二:主文件配置
- 目标跟踪系列三:ECO: Efficient Convolution Operators for Tracking(2016年11月)
- RxSwift 系列(七) -- Connectable Operators
- zZ-ModSecurity Framework支持Web应用安全核心规则集
- 17.9.2 Binary operators
- Operators
- java学习笔记1
- java的final关键字——修饰方法
- Mac OS X 如何查看隐藏文件
- java修饰符总结
- 利用HttpClient和HtmlParser构造简单爬虫
- modsecurity系列三:规则2-Operators
- Linux shell脚本中父子进程与变量的分析
- 《正则表达式必知必会》-- 个人认为最好的RE入门书籍
- mysql笔记
- java的final关键字——修饰参数和修饰类
- Java直接(堆外)内存使用详解
- 解决/lib64/libc.so.6: version `GLIBC_2.14' not found
- 一招解决全局键盘遮挡输入框问题
- JavaScript DOM加载