File Manager
Upload
Current Directory: /home/lartcid/public_html/journal.lartc.id
[Back]
..
[Open]
Hapus
Rename
.htaccess
[Edit]
Hapus
Rename
.well-known
[Open]
Hapus
Rename
README.md
[Edit]
Hapus
Rename
api
[Open]
Hapus
Rename
cache
[Open]
Hapus
Rename
cgi-bin
[Open]
Hapus
Rename
classes
[Open]
Hapus
Rename
config.TEMPLATE.inc.php
[Edit]
Hapus
Rename
config.inc.php
[Edit]
Hapus
Rename
controllers
[Open]
Hapus
Rename
cypress.json
[Edit]
Hapus
Rename
dbscripts
[Open]
Hapus
Rename
docs
[Open]
Hapus
Rename
error_log
[Edit]
Hapus
Rename
favicon.ico
[Edit]
Hapus
Rename
index.php
[Edit]
Hapus
Rename
js
[Open]
Hapus
Rename
lib
[Open]
Hapus
Rename
locale
[Open]
Hapus
Rename
mini.php
[Edit]
Hapus
Rename
pages
[Open]
Hapus
Rename
php.ini
[Edit]
Hapus
Rename
plugins
[Open]
Hapus
Rename
public
[Open]
Hapus
Rename
registry
[Open]
Hapus
Rename
scheduledTaskLogs
[Open]
Hapus
Rename
schemas
[Open]
Hapus
Rename
styles
[Open]
Hapus
Rename
templates
[Open]
Hapus
Rename
tools
[Open]
Hapus
Rename
Edit File
# ------------------------------------------------------ # Imunify360 ModSecurity Rules # Copyright (C) 2024 CloudLinux Inc All right reserved # The Imunify360 ModSecurity Rules is distributed under # IMUNIFY360 LICENSE AGREEMENT # ------------------------------------------------------ SecRule ARGS "@rx \.\\\\\.\/\.\\\\\.\/|\.\./\.\./" "id:77350314,chain,phase:2,block,log,severity:2,t:none,capture,setvar:tx.arg_name=%{MATCHED_VAR_NAME},setvar:tx.arg_value=%{MATCHED_VAR},t:none,t:urlDecode,msg:'IM360 WAF: Path traversal attack||User:%{SCRIPT_USERNAME}||Path:%{REQUEST_FILENAME}||Arg:%{TX.arg_name}||Match:%{TX.arg_value}||T:APACHE||',tag:'service_im360'" SecRule REQUEST_FILENAME "@pmFromFile path_traversal" "t:none" SecRule REMOTE_HOST|ARGS|REQUEST_COOKIES "@pmFromFile bl_uri" "id:77142167,block,log,severity:2,t:none,t:urlDecodeUni,t:normalizePath,t:base64Decode,msg:'IM360 WAF: Block URI containing malicious URLs||T:APACHE||MVN:%{MATCHED_VAR_NAME}||SC:%{SCRIPT_FILENAME}||',tag:'service_im360'" SecRule REQUEST_HEADERS:Content-Type "@rx (?:application|multipart|text)\/[\w\-\.\+]{3,32}?[^\n]{1,256}?(?:application|multipart|text)\/[\w\-\.\+]{3,32}?" "id:77350248,phase:1,pass,nolog,auditlog,t:none,severity:5,msg:'IM360 WAF: Multiple Content-Type Request Headers (CVE-2023-38199)||SC:%{SCRIPT_FILENAME}||T:APACHE||',tag:'service_im360',setvar:'tx.rbl_infectors=1',setvar:'tx.mult_cont_type=1'" SecRule TX:mult_cont_type "@gt 0" "chain,id:77350254,phase:2,block,log,t:none,severity:2,msg:'IM360 WAF: Multiple Content-Type Request Headers (CVE-2023-38199)||SC:%{SCRIPT_FILENAME}||T:APACHE||',tag:'service_im360'" SecRule REQBODY_ERROR "@eq 1" SecRule &REQUEST_HEADERS:Content-Type "@gt 1" "id:77350255,phase:1,block,log,t:none,severity:2,msg:'IM360 WAF: Multiple Content-Type Request Headers (CVE-2023-38199)||SC:%{SCRIPT_FILENAME}||T:APACHE||',tag:'service_im360'" # DATABASE INJECTION # Block by suspicious domains SecRule REQUEST_METHOD "@rx POST" "id:77316844,chain,phase:2,block,log,severity:2,t:none,msg:'IM360 WAF: Block by known DB injection entry||Injection:%{MATCHED_VAR}||User:%{SCRIPT_USERNAME}||SC:%{SCRIPT_FILENAME}||WPU:%{TX.wp_user}||T:APACHE||',tag:'service_im360'" SecRule REQUEST_URI "!@contains /index.php?rp=/domain/check" "chain,t:none,t:normalizePath" SecRule ARGS "@pmFromFile bl_db_domains" "t:none,capture"
Simpan