Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

fix: use MODSEC_ARGUMENTS_LIMIT in SecRule for argument count limit #294

Merged
merged 4 commits into from
Oct 9, 2024

Conversation

Kuppit
Copy link
Contributor

@Kuppit Kuppit commented Oct 8, 2024

Description

This update replaces the fixed value 1000 in the SecRule with the ${MODSEC_ARGUMENTS_LIMIT} variable within the src/etc/modsecurity.d/modsecurity.conf file.

Why?

  • Centralized Configuration: Utilizing ${MODSEC_ARGUMENTS_LIMIT} centralizes the configuration of the argument limit, simplifying future adjustments and ensuring consistency across the configuration files.

  • Alignment with Documentation: According to the ModSecurity Reference Manual, it's recommended to pair the SecArgumentsLimit directive with a corresponding rule. This prevents attackers from bypassing the limit by adding additional parameters beyond the set threshold.

Changes

  • Modified File: src/etc/modsecurity.d/modsecurity.conf
  • Changes Made:
    • Before:
      SecRule &ARGS "@ge 1000" \
          "id:'200007', phase:2,t:none,log,deny,status:400,msg:'Failed to fully parse request body due to large argument count',severity:2"
    • After:
      SecRule &ARGS "@ge ${MODSEC_ARGUMENTS_LIMIT}" \
          "id:'200007', phase:2,t:none,log,deny,status:400,msg:'Failed to fully parse request body due to large argument count',severity:2"

Thank you for considering this contribution! Please let me know if any adjustments are needed.

fzipi
fzipi previously approved these changes Oct 9, 2024
Copy link
Member

@fzipi fzipi left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Thanks for your contribution! LGTM! 😄

@fzipi fzipi changed the title Use MODSEC_ARGUMENTS_LIMIT in SecRule for argument count limit fix: use MODSEC_ARGUMENTS_LIMIT in SecRule for argument count limit Oct 9, 2024
@fzipi
Copy link
Member

fzipi commented Oct 9, 2024

You changes are good, we just need to rebase on top of #295 once merged.

@fzipi
Copy link
Member

fzipi commented Oct 9, 2024

🤔 Just by rebasing to main this should have solved. Did you needed to change the shasum?

@Kuppit
Copy link
Contributor Author

Kuppit commented Oct 9, 2024

Sorry I thought I had to update the checksum based on my change

Copy link
Member

@fzipi fzipi left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

LGTM!

@fzipi fzipi merged commit 1ef072c into coreruleset:main Oct 9, 2024
6 checks passed
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
None yet
Projects
None yet
Development

Successfully merging this pull request may close these issues.

2 participants