Supported ModSecurity Functionality

Configuration Directives

  • SecAction
  • SecMarker
  • SecRule
  • SecRuleUpdateTargetById

Variables

  • ARGS
  • ARGS_COMBINED_SIZE
  • ARGS_NAMES
  • ARGS_GET
  • ARGS_GET_NAMES
  • ARGS_POST
  • ARGS_POST_NAMES
  • MATCHED_VAR
  • MATCHED_VAR_NAME
  • MATCHED_VARS
  • MATCHED_VARS_NAMES
  • QUERY_STRING
  • REMOTE_ADDR
  • REQUEST_BASENAME
  • REQUEST_BODY
  • REQUEST_COOKIES
  • REQUEST_COOKIES_NAMES
  • REQUEST_FILENAME
  • REQUEST_HEADERS
  • REQUEST_HEADERS_NAMES
  • REQUEST_LINE
  • REQUEST_METHOD
  • REQUEST_PROTOCOL
  • REQUEST_URI
  • REQUEST_URI_RAW
  • TX
  • XML

Operators

  • BEGINSWITH
  • CONTAINS
  • CONTAINSWORD
  • DETECTSQLI
  • DETECTXSS
  • ENDSWITH
  • EQ
  • GE
  • GT
  • IPMATCH
  • IPMATCHF
  • IPMATCHFROMFILE
  • PM
  • PMF
  • PMFROMFILE
  • RX
  • STREQ
  • STRMATCH
  • VERIFYCC
  • VALIDATEBYTERANGE
  • VALIDATEUTF8ENCODING
  • VALIDATEURLENCODING
  • WITHIN

Transformations

  • NONE
  • LENGTH
  • COMPRESSWHITESPACE
  • REMOVEWHITESPACE
  • REMOVENULLS
  • HEXENCODE
  • LOWERCASE
  • NORMALISEPATH
  • NORMALIZEPATH
  • REPLACECOMMENTS
  • REMOVECOMMENTS
  • NORMALIZEPATHWIN
  • SHA1
  • MD5
  • URLDECODEUNI
  • URLDECODE
  • HTMLENTITYDECODE
  • JSDECODE
  • CSSDECODE
  • CMDLINE
  • UTF8TOUNICODE