Merge pull request #294 from Kuppit/main

fix: use MODSEC_ARGUMENTS_LIMIT in SecRule for argument count limit
coreruleset · Oct 9, 2024 · 1ef072c · 1ef072c
2 parents 98f6986 + 85701d3
commit 1ef072c
Showing 1 changed file with 1 addition and 1 deletion.
diff --git a/src/etc/modsecurity.d/modsecurity.conf b/src/etc/modsecurity.d/modsecurity.conf
@@ -43,7 +43,7 @@ SecRule REQUEST_HEADERS:Content-Type "^(?:application(?:/soap\+|/)|text/)xml" \
     "id:'200000',phase:1,t:none,t:lowercase,pass,nolog,ctl:requestBodyProcessor=XML"
 SecRule REQUEST_HEADERS:Content-Type "^application/json" \
     "id:'200001',phase:1,t:none,t:lowercase,pass,nolog,ctl:requestBodyProcessor=JSON"
-SecRule &ARGS "@ge 1000" \
+SecRule &ARGS "@ge ${MODSEC_ARGUMENTS_LIMIT}" \
     "id:'200007', phase:2,t:none,log,deny,status:400,msg:'Failed to fully parse request body due to large argument count',severity:2"
 SecRule REQBODY_ERROR "!@eq 0" \
     "id:'200002', phase:2,t:none,log,deny,status:400,msg:'Failed to parse request body.',logdata:'%{reqbody_error_msg}',severity:2"