HEX
Server: nginx/1.18.0
System: Linux hqnl0246134.online-vm.com 5.4.0-135-generic #152-Ubuntu SMP Wed Nov 23 20:19:22 UTC 2022 x86_64
User: www-data (33)
PHP: 7.4.33
Disabled: phpinfo,disk_free_space,disk_total_space,diskfreespace,dl,exec,opcache_get_configuration,opcache_get_status,passthru,pclose,pcntl_alarm,pcntl_exec,pcntl_fork,pcntl_get_last_error,pcntl_getpriority,pcntl_setpriority,pcntl_signal,pcntl_signal_dispatch,pcntl_sigprocmask,pcntl_sigtimedwait,pcntl_sigwaitinfo,pcntl_strerror,pcntl_waitpid,pcntl_wait,pcntl_wexitstatus,pcntl_wifcontinued,pcntl_wifexited,pcntl_wifsignaled,pcntl_wifstopped,pcntl_wstopsig,pcntl_wtermsig,popen,posix_getpwuid,posix_kill,posix_mkfifo,posix_setpgid,posix_setsid,posix_setuid,posix_uname,proc_close,proc_get_status,proc_nice,proc_terminate,shell_exec,show_source,system,exec,passthru,shell_exec,system,popen,curl_exec,curl_multi_exec,parse_ini_file,show_source
$ pwd: /etc/imunify360-wafd/
Upload Files
File: //etc/imunify360-wafd/modsecurity.conf
SecDebugLog /var/log/imunify360/wafd-coraza.log
SecDebugLogLevel 1
SecRuleEngine On
SecRequestBodyAccess On

# SecPcreMatchLimit and SecPcreMatchLimitRecursion are not applicable
# to Coraza WAF's re2, so they are not needed.

# Audit log config example
SecAuditEngine RelevantOnly
SecAuditLogParts ABHZ
SecAuditLogFormat JSON
SecAuditLogType Serial
# See defence360: src/asyncclient/im360/subsys/panels/cpanel/mod_security.py
SecAuditLogDir /var/log/imunify360/modsec_audit
SecAuditLog /var/log/imunify360/modsec_audit.log

SecArgumentSeparator &
SecCookieFormat 0
SecTmpDir /var/imunify360/tmp_modsec
SecUploadDir /var/imunify360/tmp_modsec

Include /etc/imunify360-wafd/modsecurity.d/*.custom
Include /var/imunify360/modsec/coraza/*.conf
@ Telegram