# ---------------------------------------------------------------
# Core ModSecurity Rule Set ver.2.2.8
# Copyright (C) 2006-2012 Trustwave All rights reserved.
#
# The OWASP ModSecurity Core Rule Set is distributed under 
# Apache Software License (ASL) version 2
# Please see the enclosed LICENCE file for full details.
# ---------------------------------------------------------------


#
# -=[ You must be using the Resource Profiling Rules to track this data ]=-
#
# modsecurity_crs_40_appsensor_detection_point_2.0_setup.conf
# modsecurity_crs_40_appsensor_detection_point_3.0_end.conf 
#

SecRule TX:/XSS-ARGS:/ ".*" "id:'999003',chain,phase:2,t:none,msg:'XSS Attack Against Known Vulnerable Parameter.',logdata:'%{matched_var}'"
        SecRule MATCHED_VARS_NAMES "-ARGS:(.*)$" "chain,capture"
                SecRule TX:1 "@within %{resource.xss_vulnerable_params}"

SecRule TX:/SQL_INJECTION-ARGS:/ ".*" "id:'999004',chain,phase:2,t:none,msg:'SQLi Attack Against Known Vulnerable Parameter.',logdata:'%{matched_var}'"
        SecRule MATCHED_VARS_NAMES "-ARGS:(.*)$" "chain,capture"
                SecRule TX:1 "@within %{resource.sqli_vulnerable_params}"