File: 20-status-engine.t

package info (click to toggle)
modsecurity-apache 2.9.1-2
  • links: PTS
  • area: main
  • in suites: stretch
  • size: 9,928 kB
  • ctags: 2,995
  • sloc: ansic: 50,214; sh: 11,700; perl: 2,340; cpp: 1,936; makefile: 585; xml: 6
file content (123 lines) | stat: -rw-r--r-- 3,016 bytes parent folder | download | duplicates (7) 
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
 
### Test the SecStatusEngine

# On
{
	type => "misc",
	comment => "Setting SecStatusEngine to On",
	conf => qq(
		SecRuleEngine On
		SecStatusEngine On
	),
	match_log => {
		error => [ qr/ModSecurity: StatusEngine call successfully sent/, 1],
		-error => [ qr/Status engine is currently disabled, enable it by set SecStatusEngine to On/, 1],
	},
	match_response => {
		status => qr/^200$/,
	},
	request => new HTTP::Request(
		POST => "http://$ENV{SERVER_NAME}:$ENV{SERVER_PORT}/test.txt",
		[
			"Content-Type" => "application/x-www-form-urlencoded",
		],
		"arg1=val1&arg2=val2",
	),
},
# Off
{
	type => "misc",
	comment => "Setting SecStatusEngine to Off",
	conf => qq(
		SecRuleEngine On
		SecStatusEngine Off
	),
	match_log => {
		-error => [ qr/ModSecurity: StatusEngine call successfully sent/, 1],
		error => [ qr/Status engine is currently disabled, enable it by set SecStatusEngine to On/, 1],
	},
	match_response => {
		status => qr/^200$/,
	},
	request => new HTTP::Request(
		POST => "http://$ENV{SERVER_NAME}:$ENV{SERVER_PORT}/test.txt",
		[
			"Content-Type" => "application/x-www-form-urlencoded",
		],
		"arg1=val1&arg2=val2",
	),
},
# On and SecServerSignature
{
	type => "misc",
	comment => "SecStatusEngine On using SecServerSignature",
	conf => qq(
		SecRuleEngine On
		SecServerSignature "SpiderServer v0.1a"
		SecStatusEngine On
	),
	match_log => {
		error => [ qr/ModSecurity: StatusEngine call successfully sent/, 1],
		-error => [ qr/StatusEngine call: .*SpiderServer v0.1a.*/, 1],
	},
	match_response => {
		status => qr/^200$/,
	},
	request => new HTTP::Request(
		POST => "http://$ENV{SERVER_NAME}:$ENV{SERVER_PORT}/test.txt",
		[
			"Content-Type" => "application/x-www-form-urlencoded",
		],
		"arg1=val1&arg2=val2",
	),
},
# On and SecServerSignature
{
	type => "misc",
	comment => "SecStatusEngine On/SecServerSignature - checking signature",
	conf => qq(
		SecRuleEngine On
		SecServerSignature "SpiderServer v0.1a"
		SecStatusEngine On
	),
	match_log => {
		error => {
			apache => [ qr/StatusEngine call: \"[0-9]+.[0-9]+.[0-9]+[-RC]*[0-9]*\,Apache/, 1],
			nginx => [ qr/StatusEngine call: \"[0-9]+.[0-9]+.[0-9]+[-RC]*[0-9]*\,nginx/, 1],
		}
	},
	match_response => {
		status => qr/^200$/,
	},
	request => new HTTP::Request(
		POST => "http://$ENV{SERVER_NAME}:$ENV{SERVER_PORT}/test.txt",
		[
			"Content-Type" => "application/x-www-form-urlencoded",
		],
		"arg1=val1&arg2=val2",
	),
},
# On and SecServerSignature
{
	type => "misc",
	comment => "SecStatusEngine On - checking signature",
	conf => qq(
		SecStatusEngine On
	),
	match_log => {
		error => {
			apache => [ qr/StatusEngine call: \"[0-9]+.[0-9]+.[0-9]+[-RC]*[0-9]*\,Apache/, 1],
			nginx => [ qr/StatusEngine call: \"[0-9]+.[0-9]+.[0-9]+[-RC]*[0-9]*\,nginx/, 1],
		}
	},
	match_response => {
		status => qr/^200$/,
	},
	request => new HTTP::Request(
		POST => "http://$ENV{SERVER_NAME}:$ENV{SERVER_PORT}/test.txt",
		[
			"Content-Type" => "application/x-www-form-urlencoded",
		],
		"arg1=val1&arg2=val2",
	),
},