```
curl "http://localhost/test-file.bin" -H "Range: bytes=0-76677119" -H "Referer: https://example.com/"
```

=> This triggers rule 9524190 with log:

```
{
  "details": {
    "accuracy": "0",
    "data": "76677119",
    "file": "\/etc\/nginx\/modsec\/plugins\/referer-hardening-plugin\/plugins\/referer-hardening-before.conf",
    "lineNumber": "212",
    "match": "Matched \"Operator `Gt' with parameter `65535' against variable `TX:referer-hardening-plugin_port' (Value: `76677119' )",
    "maturity": "0",
    "reference": "",
    "rev": "",
    "ruleId": "9524190",
    "severity": "2",
    "tags": [
      "application-multi",
      "language-multi",
      "platform-multi",
      "attack-protocol",
      "paranoia-level\/1",
      "capec\/1000\/210\/272"
    ],
    "ver": "referer-hardening-plugin\/1.0.0"
  },
  "message": "Invalid port within Referer header"
}
```

It is erroneously extracting the port number from the Range header, not the Referer.

Regards
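The behaviour the report expects, written as a reference check that can serve as a regression test. This is an added example, not the plugin's own code: the function names are hypothetical, the sample requests are constructed, and only the 65535 limit is taken from the logged operator parameter.

```python
from urllib.parse import urlsplit

MAX_PORT = 65535  # limit taken from the logged `Gt 65535` operator


def referer_port_text(headers):
    """Return the explicit port string from the Referer header, or None.

    Only the Referer value is read; Range and all other headers are ignored.
    """
    referer = next((v for k, v in headers.items() if k.lower() == "referer"), None)
    if referer is None:
        return None
    hostport = urlsplit(referer).netloc.rsplit("@", 1)[-1]  # drop userinfo
    if hostport.startswith("["):
        # IPv6 literal: the port, if any, follows the closing bracket
        rest = hostport.partition("]")[2]
        return rest[1:] or None if rest.startswith(":") else None
    _host, sep, port = hostport.rpartition(":")
    return port or None if sep else None


def invalid_referer_port(headers):
    """True when the Referer carries a non-numeric or out-of-range port."""
    port = referer_port_text(headers)
    if port is None:
        return False
    if not (port.isascii() and port.isdigit()):
        return True
    return int(port) > MAX_PORT


# Constructed sample requests; the first mirrors the curl command in the report.
SAMPLES = [
    {"Range": "bytes=0-76677119", "Referer": "https://example.com/"},
    {"Referer": "https://example.com:8443/path"},
    {"Referer": "https://example.com:76677119/"},
    {"Referer": "http://[2001:db8::1]:70000/"},
]

if __name__ == "__main__":
    for headers in SAMPLES:
        print(headers.get("Referer"), "->", invalid_referer_port(headers))
```
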