This variable is a collection that contains session information. It becomes available only after setsid has been executed.


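The following example shows how to initialize SESSION with setsid, how to increase the SESSION.score value with setvar, how to set the SESSION.blocked variable, and finally how to deny the connection based on the value of SESSION.blocked: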


# Initialize session storage

SecRule REQUEST_COOKIES:PHPSESSID !^$ "phase:2,id:70,nolog,pass,setsid:%{REQUEST_COOKIES.PHPSESSID}"


# Increment session score on attack

SecRule REQUEST_URI "^/cgi-bin/finger$" "phase:2,id:71,t:none,t:lowercase,t:normalizePath,pass,setvar:SESSION.score=+10"


# Detect too many attacks in a session

SecRule SESSION:score "@gt 50" "phase:2,id:72,pass,setvar:SESSION.blocked=1"


# Enforce session block

SecRule SESSION:blocked "@eq 1" "phase:2,id:73,deny,status:403"
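
A variant of the rules above, as an added example that is not part of the original manual: it validates the session ID before calling setsid, enforces an existing block before any scoring takes place, and lets both the score and the block expire. It assumes ModSecurity 2.x; the rule ids, the data directory path, the session ID pattern and the timing values are illustrative assumptions.

```apache
# Added example. Rule ids 9001-9004, the SecDataDir path, the session id
# pattern and all timing values are assumptions chosen for illustration.

# Persistent collections such as SESSION need a writable data directory.
SecDataDir /var/cache/modsecurity

# Accept only a well-formed session id before using it as the collection key.
SecRule REQUEST_COOKIES:PHPSESSID "@rx ^[A-Za-z0-9,-]{16,128}$" \
    "phase:1,id:9001,nolog,pass,setsid:%{REQUEST_COOKIES.PHPSESSID}"

# Enforce an existing block first, so a blocked session is refused in
# phase 1 and the refusal is written to the audit/error log.
SecRule SESSION:blocked "@eq 1" \
    "phase:1,id:9002,deny,status:403,log,msg:'Session is blocked'"

# Increment the session score on attack; the score decays by 10 for
# every 300 seconds that pass.
SecRule REQUEST_URI "^/cgi-bin/finger$" \
    "phase:2,id:9003,t:none,t:lowercase,t:normalizePath,pass,nolog,\
    setvar:SESSION.score=+10,deprecatevar:SESSION.score=10/300"

# Block the session once the score exceeds the threshold. The request that
# crosses the threshold is denied, and the block flag expires after 600 s.
SecRule SESSION:score "@gt 50" \
    "phase:2,id:9004,deny,status:403,log,msg:'Session score above threshold',\
    setvar:SESSION.blocked=1,expirevar:SESSION.blocked=600"
```

With these values the sixth matching request in a session raises the score to 60 and is denied; later requests in that session are refused by rule 9002 until the block flag expires.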


