Supported ModSecurity Functionality

Configuration Directives

• SecAction

• SecMarker

• SecRule

• SecRuleUpdateTargetById

Variables

• ARGS

• ARGS_COMBINED_SIZE

• ARGS_NAMES

• ARGS_GET

• ARGS_GET_NAMES

• ARGS_POST

• ARGS_POST_NAMES

• GEO

• MATCHED_VAR

• MATCHED_VAR_NAME

• MATCHED_VARS

• MATCHED_VARS_NAMES

• QUERY_STRING

• REMOTE_ADDR

• REMOTE_ASN

• REQBODY_ERROR

• REQUEST_BASENAME

• REQUEST_BODY

• REQUEST_COOKIES

• REQUEST_COOKIES_NAMES

• REQUEST_FILENAME

• REQUEST_HEADERS

• REQUEST_HEADERS_NAMES

• REQUEST_LINE

• REQUEST_METHOD

• REQUEST_PROTOCOL

• REQUEST_URI

• REQUEST_URI_RAW

• TX

• XML

Operators

• BEGINSWITH

• CONTAINS

• CONTAINSWORD

• DETECTSQLI

• DETECTXSS

• ENDSWITH

• EQ

• GE

• GT

• IPMATCH

• IPMATCHF

• IPMATCHFROMFILE

• LE

• LT

• PM

• PMF

• PMFROMFILE

• RX

• STREQ

• STRMATCH

• VALIDATEBYTERANGE

• VALIDATEURLENCODING

• VALIDATEUTF8ENCODING

• VERIFYCC

• WITHIN

Transformations

• NONE

• LENGTH

• COMPRESSWHITESPACE

• REMOVEWHITESPACE

• REMOVENULLS

• HEXENCODE

• LOWERCASE

• NORMALISEPATH

• NORMALIZEPATH

• REPLACECOMMENTS

• REMOVECOMMENTS

• NORMALIZEPATHWIN

• SHA1

• MD5

• URLDECODEUNI

• URLDECODE

• HTMLENTITYDECODE

• JSDECODE

• CSSDECODE

• CMDLINE

• UTF8TOUNICODE