Sindbad~EG File Manager

Current Path : /etc/apache2/conf.d/imh-modsec/
Upload File :
Current File : //etc/apache2/conf.d/imh-modsec/31_shellshock.conf

# both.conf
# Rules intended to potentially mitigate the BASH "shellshock" bug
# T3 Trac #8148 (https://trac.imhtech.net/T3/ticket/8148)
SecRule REQUEST_HEADERS "^\(\) {" \
    "phase:1,deny,id:13100,t:urlDecode,status:403,log,\
    msg:'CVE-2014-6271 - Bash Attack'"

SecRule REQUEST_LINE "\(\) {" \
    "phase:1,deny,id:13101,status:403,log,\
    msg:'CVE-2014-6271 - Bash Attack'"

SecRule ARGS_NAMES "^\(\) {" \
    "phase:2,deny,id:13102,t:urlDecode,t:urlDecodeUni,status:403,log,\
    msg:'CVE-2014-6271 - Bash Attack'"

SecRule ARGS "^\(\) {" \
    "phase:2,deny,id:13103,t:urlDecode,t:urlDecodeUni,status:403,log,\
    msg:'CVE-2014-6271 - Bash Attack'"

SecRule FILES_NAMES "^\(\) {" \
    "phase:2,deny,id:13104,t:urlDecode,t:urlDecodeUni,status:403,log,\
    msg:'CVE-2014-6271  - Bash Attack'"

Sindbad File Manager Version 1.0, Coded By Sindbad EG ~ The Terrorists