File Manager
Upload
Current Directory: /home/lartcid/public_html/journal.lartc.id
[Back]
..
[Open]
Hapus
Rename
.htaccess
[Edit]
Hapus
Rename
.well-known
[Open]
Hapus
Rename
README.md
[Edit]
Hapus
Rename
api
[Open]
Hapus
Rename
cache
[Open]
Hapus
Rename
cgi-bin
[Open]
Hapus
Rename
classes
[Open]
Hapus
Rename
config.TEMPLATE.inc.php
[Edit]
Hapus
Rename
config.inc.php
[Edit]
Hapus
Rename
controllers
[Open]
Hapus
Rename
cypress.json
[Edit]
Hapus
Rename
dbscripts
[Open]
Hapus
Rename
docs
[Open]
Hapus
Rename
error_log
[Edit]
Hapus
Rename
favicon.ico
[Edit]
Hapus
Rename
index.php
[Edit]
Hapus
Rename
js
[Open]
Hapus
Rename
lib
[Open]
Hapus
Rename
locale
[Open]
Hapus
Rename
mini.php
[Edit]
Hapus
Rename
pages
[Open]
Hapus
Rename
php.ini
[Edit]
Hapus
Rename
plugins
[Open]
Hapus
Rename
public
[Open]
Hapus
Rename
registry
[Open]
Hapus
Rename
scheduledTaskLogs
[Open]
Hapus
Rename
schemas
[Open]
Hapus
Rename
styles
[Open]
Hapus
Rename
templates
[Open]
Hapus
Rename
tools
[Open]
Hapus
Rename
Edit File
# ------------------------------------------------------------------------ # OWASP ModSecurity Core Rule Set ver.3.3.5 # Copyright (c) 2006-2020 Trustwave and contributors. All rights reserved. # Copyright (c) 2021-2023 Core Rule Set project. All rights reserved. # # The OWASP ModSecurity Core Rule Set is distributed under # Apache Software License (ASL) version 2 # Please see the enclosed LICENSE file for full details. # ------------------------------------------------------------------------ # # -= Paranoia Level 0 (empty) =- (apply unconditionally) # # This file is to address the 3UWMWA6W vulnerability. # It requires ModSecurity version 2.9.6 or 3.0.8 (or an updated version with backports # of the security fixes in these versions) or a compatible engine supporting these changes. # # If you cannot upgrade ModSecurity, this file will cause ModSecurity to fail to start. # In that case, you can temporarily delete this file. However, you will be missing # protection from these rules. Therefore, we recommend upgrading your engine instead. # The rules in this file will be part of the 920 / 921 in the future. # Only allow specific charsets when using "_charset_" # Note: this is in phase:2 because these are headers that come in the body SecRule &MULTIPART_PART_HEADERS:_charset_ "!@eq 0" \ "id:922100,\ phase:2,\ block,\ t:none,\ msg:'Multipart content type global _charset_ definition is not allowed by policy',\ logdata:'Matched Data: %{ARGS._charset_}',\ tag:'application-multi',\ tag:'language-multi',\ tag:'platform-multi',\ tag:'attack-multipart-header',\ tag:'OWASP_CRS',\ tag:'capec/1000/255/153',\ tag:'paranoia-level/1',\ ver:'OWASP_CRS/3.3.5',\ severity:'CRITICAL',\ chain" SecRule ARGS:_charset_ "!@within |%{tx.allowed_request_content_type_charset}|" \ "t:lowercase,\ setvar:'tx.anomaly_score_pl1=+%{tx.critical_anomaly_score}'" # Only allow specific charsets same as Rule 920600 # Note: this is in phase:2 because these are headers that come in the body SecRule MULTIPART_PART_HEADERS "@rx ^content-type\s*+:\s*+(.*)$" \ "id:922110,\ phase:2,\ block,\ capture,\ t:none,t:lowercase,\ msg:'Illegal MIME Multipart Header content-type: charset parameter',\ logdata:'Matched Data: %{TX.1} found within Content-Type multipart form',\ tag:'application-multi',\ tag:'language-multi',\ tag:'platform-multi',\ tag:'attack-protocol',\ tag:'OWASP_CRS',\ tag:'capec/272/220',\ tag:'paranoia-level/1',\ ver:'OWASP_CRS/3.3.5',\ severity:'CRITICAL',\ chain" SecRule TX:1 "!@rx ^(?:(?:\*|[^\"(),\/:;<=>?![\x5c\]{}]+)\/(?:\*|[^\"(),\/:;<=>?![\x5c\]{}]+))(?:\s*+;\s*+(?:(?:charset\s*+=\s*+(?:\"?(?:iso-8859-15?|windows-1252|utf-8)\b\"?))|(?:(?:c(?:h(?:a(?:r(?:s(?:e[^t\"(),\/:;<=>?![\x5c\]{}]|[^e\"(),/:;<=>?![\x5c\]{}])|[^s\"(),/:;<=>?![\x5c\]{}])|[^r\"(),/:;<=>?![\x5c\]{}])|[^a\"(),/:;<=>?![\x5c\]{}])|[^h\"(),/:;<=>?![\x5c\]{}])|[^c\"(),/:;<=>?![\x5c\]{}])[^\"(),/:;<=>?![\x5c\]{}]*(?:)\s*+=\s*+[^(),/:;<=>?![\x5c\]{}]+)|;?))*(?:\s*+,\s*+(?:(?:\*|[^\"(),\/:;<=>?![\x5c\]{}]+)\/(?:\*|[^\"(),\/:;<=>?![\x5c\]{}]+))(?:\s*+;\s*+(?:(?:charset\s*+=\s*+(?:\"?(?:iso-8859-15?|windows-1252|utf-8)\b\"?))|(?:(?:c(?:h(?:a(?:r(?:s(?:e[^t\"(),\/:;<=>?![\x5c\]{}]|[^e\"(),/:;<=>?![\x5c\]{}])|[^s\"(),/:;<=>?![\x5c\]{}])|[^r\"(),/:;<=>?![\x5c\]{}])|[^a\"(),/:;<=>?![\x5c\]{}])|[^h\"(),/:;<=>?![\x5c\]{}])|[^c\"(),/:;<=>?![\x5c\]{}])[^\"(),/:;<=>?![\x5c\]{}]*(?:)\s*+=\s*+[^(),/:;<=>?![\x5c\]{}]+)|;?))*)*$" \ "t:lowercase,\ setvar:'tx.anomaly_score_pl1=+%{tx.critical_anomaly_score}'" # Content-Transfer-Encoding was deprecated by rfc7578 in 2015 and should not be used (see: https://www.rfc-editor.org/rfc/rfc7578#section-4.7) # Note: this is in phase:2 because these are headers that come in the body SecRule MULTIPART_PART_HEADERS "@rx content-transfer-encoding:(.*)" \ "id:922120,\ phase:2,\ block,\ capture,\ t:none,t:lowercase,\ msg:'Content-Transfer-Encoding was deprecated by rfc7578 in 2015 and should not be used',\ logdata:'Matched Data: %{TX.0}',\ tag:'application-multi',\ tag:'language-multi',\ tag:'platform-multi',\ tag:'attack-deprecated-header',\ tag:'OWASP_CRS',\ tag:'capec/272/220',\ tag:'paranoia-level/1',\ ver:'OWASP_CRS/3.3.5',\ severity:'CRITICAL',\ setvar:'tx.anomaly_score_pl1=+%{tx.critical_anomaly_score}'"
Simpan