HEX
Server: Apache/2
System: Linux nexus-01 4.18.0-553.120.1.el8_10.x86_64 #1 SMP Mon Apr 20 18:04:27 EDT 2026 x86_64
User: aglcoke (1118)
PHP: 8.2.31
Disabled: mail,exec,system,passthru,shell_exec,proc_close,proc_open,dl,popen,show_source,posix_kill,posix_mkfifo,posix_getpwuid,posix_setpgid,posix_setsid,posix_setuid,posix_setgid,posix_seteuid,posix_setegid,posix_uname
$ pwd: /usr/local/cwaf/rules/
Upload Files
File: //usr/local/cwaf/rules/05_Global_Incoming.conf
# ---------------------------------------------------------------
# Comodo ModSecurity Rules
# Copyright (C) 2022 Comodo Security solutions All rights reserved.
#
# The COMODO SECURITY SOLUTIONS Mod Security Rule Set is distributed under
# THE COMODO SECURITY SOLUTIONS END USER LICENSE AGREEMENT,
# Please see the enclosed LICENCE file for full details.
# ---------------------------------------------------------------
# This is a FILE CONTAINING CHANGED or MODIFIED RULES FROM THE:
# OWASP ModSecurity Core Rule Set (CRS)
# ---------------------------------------------------------------

SecRule TX:POINTS "@gt 0" \
	"id:214300,chain,msg:'COMODO WAF: Inbound Attack Targeting OSVDB Flagged Resource.||%{tx.domain}|%{tx.mode}|2',phase:2,deny,setvar:'tx.inbound_tx_msg=%{tx.msg}',setvar:'tx.incoming_points=%{tx.points}',log,t:none,rev:2,severity:2,tag:'CWAF',tag:'Incoming'"
SecRule RESOURCE:OSVDB_VULNERABLE "@eq 1" \
	"chain"
SecRule TX:POINTS_BLOCKING "@streq on"

SecRule TX:POINTS "@gt 0" \
	"id:214310,chain,msg:'COMODO WAF: Inbound Points Exceeded|Total Points: %{TX.points}|%{tx.domain}|%{tx.mode}|2',phase:2,deny,setvar:'tx.inbound_tx_msg=%{tx.msg}',setvar:'tx.incoming_points=%{tx.points}',log,logdata:'Last Matched Data: %{matched_var}',t:none,rev:2,severity:2,tag:'CWAF',tag:'Incoming'"
SecRule TX:POINTS "@ge %{tx.incoming_points_limit}" \
	"chain"
SecRule TX:POINTS_BLOCKING "@streq on" \
	"chain"
SecRule TX:/^\d+\-/ "(.{0,})"
@ Telegram