diff options
author | Scott Ullrich <sullrich@gmail.com> | 2009-06-23 14:00:21 -0400 |
---|---|---|
committer | Scott Ullrich <sullrich@gmail.com> | 2009-06-23 14:00:21 -0400 |
commit | 3bc3b925d9dbd05552d21b7465731d3b823eb515 (patch) | |
tree | 883aa42efac10f4057a5b7782c2537d156342c60 | |
parent | 8f5f872c05da346602fd8b7bcb7b73bc4af1726f (diff) | |
download | pfsense-packages-3bc3b925d9dbd05552d21b7465731d3b823eb515.tar.gz pfsense-packages-3bc3b925d9dbd05552d21b7465731d3b823eb515.tar.bz2 pfsense-packages-3bc3b925d9dbd05552d21b7465731d3b823eb515.zip |
Add more mod_security bits
-rw-r--r-- | config/apache_mod_security/apache_mod_security.inc | 20 |
1 files changed, 20 insertions, 0 deletions
diff --git a/config/apache_mod_security/apache_mod_security.inc b/config/apache_mod_security/apache_mod_security.inc index 4d0402be..cf39e467 100644 --- a/config/apache_mod_security/apache_mod_security.inc +++ b/config/apache_mod_security/apache_mod_security.inc @@ -169,17 +169,37 @@ EOF; # Turn the filtering engine On or Off SecFilterEngine On + # XXX Add knobs for these + SecRuleEngine On + SecRequestBodyAccess On + SecResponseBodyAccess On + + # XXX Add knobs for these + SecRequestBodyInMemoryLimit 131072 + SecRequestBodyLimit 10485760 + + SecResponseBodyMimeTypesClear + SecResponseBodyMimeType (null) text/plain text/html text/css text/xml + + # XXX Add knobs for these + SecUploadDir /var/spool/apache/private + SecUploadKeepFiles Off + + # XXX Add knobs for these # The audit engine works independently and # can be turned On of Off on the per-server or # on the per-directory basis SecAuditEngine RelevantOnly + # XXX Add knobs for these # Make sure that URL encoding is valid SecFilterCheckURLEncoding On + # XXX Add knobs for these # Unicode encoding check SecFilterCheckUnicodeEncoding On + # XXX Add knobs for these # Only allow bytes from this range SecFilterForceByteRange 1 255 |