mirror/caddy-waf
1
0
Fork 0
mirror of https://github.com/fabriziosalmi/caddy-waf.git synced 2025-12-23 22:27:46 -05:00
Code Issues Packages Projects Releases Wiki Activity

Create data-validation.json

Browse Source
This commit is contained in:
fab
2025-01-13 12:57:46 +01:00
committed by GitHub
parent be1e0def7f
commit 11360573b0
1 changed files with 53 additions and 0 deletions
Download Patch File Download Diff File Expand all files Collapse all files

53
rules/data-validation.json Normal file
View File

@@ -0,0 +1,53 @@
[
{
"id": "data-validation-int-overflow",
"phase": 2,
"pattern": "(?i)\\b(?:\\d{15,})\\b",
"targets": ["ARGS", "BODY", "HEADERS"],
"severity": "MEDIUM",
"action": "log",
"score": 4,
"description":"Log large numbers (Potential Integer Overflow)."
},
{
"id":"data-validation-invalid-email",
"phase": 2,
"pattern":"(?i)(?:[^@\\s]+@[^@\\s]+\\.[^@\\s]+){0,}",
"targets":["ARGS", "BODY", "HEADERS"],
"severity":"LOW",
"action":"log",
"score": 2,
"description":"Log data that does not look like valid email address."
},
{
"id":"data-validation-invalid-phone",
"phase":2,
"pattern":"(?i)(?:[^\\d\\+\\(\\)\\-\\s]){1,}",
"targets": ["ARGS", "BODY", "HEADERS"],
"severity":"LOW",
"action":"log",
"score": 2,
"description":"Log data that contains invalid chars in phone numbers"
},
{
"id":"data-validation-invalid-date",
"phase": 2,
"pattern":"(?i)(?:\\d{1,2}[\\/\\-]\\d{1,2}[\\/\\-]\\d{2,4}){0,}",
"targets":["ARGS","BODY", "HEADERS"],
"severity":"LOW",
"action":"log",
"score": 2,
"description":"Log data that does not look like valid date"
},
{
"id":"data-validation-long-string",
"phase": 2,
"pattern":"^.{5000,}$",
"targets":["ARGS","BODY"],
"severity":"LOW",
"action":"log",
"score": 2,
"description":"Log very long strings (can indicate data injection)"
}
]