← Back to branch summary

~ubuntu-branches/ubuntu/quantal/modsecurity-apache/quantal

« back to all changes in this revision

Viewing changes to apache2/t/regression/action/10-detectiononly-actions.t

  • Committer: Bazaar Package Importer
  • Author(s): Alberto Gonzalez Iniesta
  • Date: 2011-03-23 18:36:29 UTC
  • Revision ID: james.westby@ubuntu.com-20110323183629-8rwn0362sqqqqbgl
Tags: upstream-2.5.13
ImportĀ upstreamĀ versionĀ 2.5.13

Show diffs side-by-side

added added

removed removed

Lines of Context:
apache2/t/regression/action/10-detectiononly-actions.t
 
1
### Tests all of the actions in each phase in detection only mode
 
2
 
 
3
# Pass
 
4
{
 
5
        type => "action",
 
6
        comment => "pass in phase:1",
 
7
        conf => qq(
 
8
                SecRuleEngine DetectionOnly
 
9
                SecRequestBodyAccess On
 
10
                SecResponseBodyAccess On
 
11
                SecResponseBodyMimeType null
 
12
                SecDebugLog "$ENV{DEBUG_LOG}"
 
13
                SecDebugLogLevel 9
 
14
                SecAction "phase:1,pass,msg:'PASSED'"
 
15
                SecAction "phase:1,deny,msg:'DENIED'"
 
16
        ),
 
17
        match_log => {
 
18
                error => [ qr/ModSecurity: Warning. Unconditional match in SecAction.*PASSED/, 1 ],
 
19
        },
 
20
        match_response => {
 
21
                status => qr/^200$/,
 
22
        },
 
23
        request => new HTTP::Request(
 
24
                GET => "http://$ENV{SERVER_NAME}:$ENV{SERVER_PORT}/test.txt",
 
25
        ),
 
26
},
 
27
{
 
28
        type => "action",
 
29
        comment => "pass in phase:2",
 
30
        conf => qq(
 
31
                SecRuleEngine DetectionOnly
 
32
                SecRequestBodyAccess On
 
33
                SecResponseBodyAccess On
 
34
                SecResponseBodyMimeType null
 
35
                SecAction "phase:2,pass,msg:'PASSED'"
 
36
                SecAction "phase:2,deny,msg:'DENIED'"
 
37
        ),
 
38
        match_log => {
 
39
                error => [ qr/ModSecurity: Warning. Unconditional match in SecAction.*PASSED/, 1 ],
 
40
        },
 
41
        match_response => {
 
42
                status => qr/^200$/,
 
43
        },
 
44
        request => new HTTP::Request(
 
45
                GET => "http://$ENV{SERVER_NAME}:$ENV{SERVER_PORT}/test.txt",
 
46
        ),
 
47
},
 
48
{
 
49
        type => "action",
 
50
        comment => "pass in phase:3",
 
51
        conf => qq(
 
52
                SecRuleEngine DetectionOnly
 
53
                SecRequestBodyAccess On
 
54
                SecResponseBodyAccess On
 
55
                SecResponseBodyMimeType null
 
56
                SecDebugLog "$ENV{DEBUG_LOG}"
 
57
                SecDebugLogLevel 4
 
58
                SecAction "phase:3,pass,msg:'PASSED'"
 
59
                SecAction "phase:3,deny,msg:'DENIED'"
 
60
        ),
 
61
        match_log => {
 
62
                error => [ qr/ModSecurity: Warning. Unconditional match in SecAction.*PASSED/, 1 ],
 
63
        },
 
64
        match_response => {
 
65
                status => qr/^200$/,
 
66
        },
 
67
        request => new HTTP::Request(
 
68
                GET => "http://$ENV{SERVER_NAME}:$ENV{SERVER_PORT}/test.txt",
 
69
        ),
 
70
},
 
71
{
 
72
        type => "action",
 
73
        comment => "pass in phase:4",
 
74
        conf => qq(
 
75
                SecRuleEngine DetectionOnly
 
76
                SecRequestBodyAccess On
 
77
                SecResponseBodyAccess On
 
78
                SecResponseBodyMimeType null
 
79
                SecDebugLog "$ENV{DEBUG_LOG}"
 
80
                SecDebugLogLevel 4
 
81
                SecAction "phase:4,pass,msg:'PASSED'"
 
82
                SecAction "phase:4,deny,msg:'DENIED'"
 
83
        ),
 
84
        match_log => {
 
85
                error => [ qr/ModSecurity: Warning. Unconditional match in SecAction.*PASSED/, 1 ],
 
86
        },
 
87
        match_response => {
 
88
                status => qr/^200$/,
 
89
        },
 
90
        request => new HTTP::Request(
 
91
                GET => "http://$ENV{SERVER_NAME}:$ENV{SERVER_PORT}/test.txt",
 
92
        ),
 
93
},
 
94
 
 
95
# Allow
 
96
{
 
97
        type => "action",
 
98
        comment => "allow in phase:1",
 
99
        conf => qq(
 
100
                SecRuleEngine DetectionOnly
 
101
                SecRequestBodyAccess On
 
102
                SecResponseBodyAccess On
 
103
                SecResponseBodyMimeType null
 
104
                SecAction "phase:1,allow,msg:'ALLOWED'"
 
105
                SecAction "phase:1,deny,msg:'DENIED'"
 
106
        ),
 
107
        match_log => {
 
108
                error => [ qr/ModSecurity: Warning. Unconditional match in SecAction.*ALLOWED/, 1 ],
 
109
                -error => [ qr/Access allowed/, 1 ],
 
110
# TODO: Allow should probably stop rule execution
 
111
#               -error => [ qr/DENIED/, 1 ],
 
112
        },
 
113
        match_response => {
 
114
                status => qr/^200$/,
 
115
        },
 
116
        request => new HTTP::Request(
 
117
                GET => "http://$ENV{SERVER_NAME}:$ENV{SERVER_PORT}/test.txt",
 
118
        ),
 
119
},
 
120
{
 
121
        type => "action",
 
122
        comment => "allow in phase:2",
 
123
        conf => qq(
 
124
                SecRuleEngine DetectionOnly
 
125
                SecRequestBodyAccess On
 
126
                SecResponseBodyAccess On
 
127
                SecResponseBodyMimeType null
 
128
                SecAction "phase:2,allow,msg:'ALLOWED'"
 
129
                SecAction "phase:2,deny,msg:'DENIED'"
 
130
        ),
 
131
        match_log => {
 
132
                error => [ qr/ModSecurity: Warning. Unconditional match in SecAction.*ALLOWED/, 1 ],
 
133
                -error => [ qr/Access allowed/, 1 ],
 
134
# TODO: Allow should probably stop rule execution
 
135
#               -error => [ qr/DENIED/, 1 ],
 
136
        },
 
137
        match_response => {
 
138
                status => qr/^200$/,
 
139
        },
 
140
        request => new HTTP::Request(
 
141
                GET => "http://$ENV{SERVER_NAME}:$ENV{SERVER_PORT}/test.txt",
 
142
        ),
 
143
},
 
144
{
 
145
        type => "action",
 
146
        comment => "allow in phase:3",
 
147
        conf => qq(
 
148
                SecRuleEngine DetectionOnly
 
149
                SecRequestBodyAccess On
 
150
                SecResponseBodyAccess On
 
151
                SecResponseBodyMimeType null
 
152
                SecAction "phase:3,allow,msg:'ALLOWED'"
 
153
                SecAction "phase:3,deny,msg:'DENIED'"
 
154
        ),
 
155
        match_log => {
 
156
                error => [ qr/ModSecurity: Warning. Unconditional match in SecAction.*ALLOWED/, 1 ],
 
157
                -error => [ qr/Access allowed/, 1 ],
 
158
# TODO: Allow should probably stop rule execution
 
159
#               -error => [ qr/DENIED/, 1 ],
 
160
        },
 
161
        match_response => {
 
162
                status => qr/^200$/,
 
163
        },
 
164
        request => new HTTP::Request(
 
165
                GET => "http://$ENV{SERVER_NAME}:$ENV{SERVER_PORT}/test.txt",
 
166
        ),
 
167
},
 
168
{
 
169
        type => "action",
 
170
        comment => "allow in phase:4",
 
171
        conf => qq(
 
172
                SecRuleEngine DetectionOnly
 
173
                SecRequestBodyAccess On
 
174
                SecResponseBodyAccess On
 
175
                SecResponseBodyMimeType null
 
176
                SecAction "phase:4,allow,msg:'ALLOWED'"
 
177
                SecAction "phase:4,deny,msg:'DENIED'"
 
178
        ),
 
179
        match_log => {
 
180
                error => [ qr/ModSecurity: Warning. Unconditional match in SecAction.*ALLOWED/, 1 ],
 
181
                -error => [ qr/Access allowed/, 1 ],
 
182
# TODO: Allow should probably stop rule execution
 
183
#               -error => [ qr/DENIED/, 1 ],
 
184
        },
 
185
        match_response => {
 
186
                status => qr/^200$/,
 
187
        },
 
188
        request => new HTTP::Request(
 
189
                GET => "http://$ENV{SERVER_NAME}:$ENV{SERVER_PORT}/test.txt",
 
190
        ),
 
191
},
 
192
 
 
193
# Deny
 
194
{
 
195
        type => "action",
 
196
        comment => "deny in phase:1",
 
197
        conf => qq(
 
198
                SecRuleEngine DetectionOnly
 
199
                SecRequestBodyAccess On
 
200
                SecResponseBodyAccess On
 
201
                SecResponseBodyMimeType null
 
202
                SecAction "phase:1,deny,msg:'DENIED'"
 
203
        ),
 
204
        match_log => {
 
205
                error => [ qr/ModSecurity: Warning. Unconditional match in SecAction.*DENIED/, 1 ],
 
206
                -error => [ qr/Access denied/, 1 ],
 
207
        },
 
208
        match_response => {
 
209
                status => qr/^200$/,
 
210
        },
 
211
        request => new HTTP::Request(
 
212
                GET => "http://$ENV{SERVER_NAME}:$ENV{SERVER_PORT}/test.txt",
 
213
        ),
 
214
},
 
215
{
 
216
        type => "action",
 
217
        comment => "deny in phase:2",
 
218
        conf => qq(
 
219
                SecRuleEngine DetectionOnly
 
220
                SecRequestBodyAccess On
 
221
                SecResponseBodyAccess On
 
222
                SecResponseBodyMimeType null
 
223
                SecAction "phase:2,deny,msg:'DENIED'"
 
224
        ),
 
225
        match_log => {
 
226
                error => [ qr/ModSecurity: Warning. Unconditional match in SecAction.*DENIED/, 1 ],
 
227
                -error => [ qr/Access denied/, 1 ],
 
228
        },
 
229
        match_response => {
 
230
                status => qr/^200$/,
 
231
        },
 
232
        request => new HTTP::Request(
 
233
                GET => "http://$ENV{SERVER_NAME}:$ENV{SERVER_PORT}/test.txt",
 
234
        ),
 
235
},
 
236
{
 
237
        type => "action",
 
238
        comment => "deny in phase:3",
 
239
        conf => qq(
 
240
                SecRuleEngine DetectionOnly
 
241
                SecRequestBodyAccess On
 
242
                SecResponseBodyAccess On
 
243
                SecResponseBodyMimeType null
 
244
                SecAction "phase:3,deny,msg:'DENIED'"
 
245
        ),
 
246
        match_log => {
 
247
                error => [ qr/ModSecurity: Warning. Unconditional match in SecAction.*DENIED/, 1 ],
 
248
                -error => [ qr/Access denied/, 1 ],
 
249
        },
 
250
        match_response => {
 
251
                status => qr/^200$/,
 
252
        },
 
253
        request => new HTTP::Request(
 
254
                GET => "http://$ENV{SERVER_NAME}:$ENV{SERVER_PORT}/test.txt",
 
255
        ),
 
256
},
 
257
{
 
258
        type => "action",
 
259
        comment => "deny in phase:4",
 
260
        conf => qq(
 
261
                SecRuleEngine DetectionOnly
 
262
                SecRequestBodyAccess On
 
263
                SecResponseBodyAccess On
 
264
                SecResponseBodyMimeType null
 
265
                SecAction "phase:4,deny,msg:'DENIED'"
 
266
        ),
 
267
        match_log => {
 
268
                error => [ qr/ModSecurity: Warning. Unconditional match in SecAction.*DENIED/, 1 ],
 
269
                -error => [ qr/Access denied/, 1 ],
 
270
        },
 
271
        match_response => {
 
272
                status => qr/^200$/,
 
273
        },
 
274
        request => new HTTP::Request(
 
275
                GET => "http://$ENV{SERVER_NAME}:$ENV{SERVER_PORT}/test.txt",
 
276
        ),
 
277
},
 
278
 
 
279
# Drop
 
280
{
 
281
        type => "action",
 
282
        comment => "drop in phase:1",
 
283
        conf => qq(
 
284
                SecRuleEngine DetectionOnly
 
285
                SecRequestBodyAccess On
 
286
                SecResponseBodyAccess On
 
287
                SecResponseBodyMimeType null
 
288
                SecAction "phase:1,drop,msg:'DROPPED'"
 
289
        ),
 
290
        match_log => {
 
291
                error => [ qr/ModSecurity: Warning. Unconditional match in SecAction.*DROPPED/, 1 ],
 
292
                -error => [ qr/Access denied/, 1 ],
 
293
        },
 
294
        match_response => {
 
295
                status => qr/^200$/,
 
296
        },
 
297
        request => new HTTP::Request(
 
298
                GET => "http://$ENV{SERVER_NAME}:$ENV{SERVER_PORT}/test.txt",
 
299
        ),
 
300
},
 
301
{
 
302
        type => "action",
 
303
        comment => "drop in phase:2",
 
304
        conf => qq(
 
305
                SecRuleEngine DetectionOnly
 
306
                SecRequestBodyAccess On
 
307
                SecResponseBodyAccess On
 
308
                SecResponseBodyMimeType null
 
309
                SecAction "phase:2,drop,msg:'DROPPED'"
 
310
        ),
 
311
        match_log => {
 
312
                error => [ qr/ModSecurity: Warning. Unconditional match in SecAction.*DROPPED/, 1 ],
 
313
                -error => [ qr/Access denied/, 1 ],
 
314
        },
 
315
        match_response => {
 
316
                status => qr/^200$/,
 
317
        },
 
318
        request => new HTTP::Request(
 
319
                GET => "http://$ENV{SERVER_NAME}:$ENV{SERVER_PORT}/test.txt",
 
320
        ),
 
321
},
 
322
{
 
323
        type => "action",
 
324
        comment => "drop in phase:3",
 
325
        conf => qq(
 
326
                SecRuleEngine DetectionOnly
 
327
                SecRequestBodyAccess On
 
328
                SecResponseBodyAccess On
 
329
                SecResponseBodyMimeType null
 
330
                SecAction "phase:3,drop,msg:'DROPPED'"
 
331
        ),
 
332
        match_log => {
 
333
                error => [ qr/ModSecurity: Warning. Unconditional match in SecAction.*DROPPED/, 1 ],
 
334
                -error => [ qr/Access denied/, 1 ],
 
335
        },
 
336
        match_response => {
 
337
                status => qr/^200$/,
 
338
        },
 
339
        request => new HTTP::Request(
 
340
                GET => "http://$ENV{SERVER_NAME}:$ENV{SERVER_PORT}/test.txt",
 
341
        ),
 
342
},
 
343
{
 
344
        type => "action",
 
345
        comment => "drop in phase:4",
 
346
        conf => qq(
 
347
                SecRuleEngine DetectionOnly
 
348
                SecRequestBodyAccess On
 
349
                SecResponseBodyAccess On
 
350
                SecResponseBodyMimeType null
 
351
                SecAction "phase:4,drop,msg:'DROPPED'"
 
352
        ),
 
353
        match_log => {
 
354
                error => [ qr/ModSecurity: Warning. Unconditional match in SecAction.*DROPPED/, 1 ],
 
355
                -error => [ qr/Access denied/, 1 ],
 
356
        },
 
357
        match_response => {
 
358
                status => qr/^200$/,
 
359
        },
 
360
        request => new HTTP::Request(
 
361
                GET => "http://$ENV{SERVER_NAME}:$ENV{SERVER_PORT}/test.txt",
 
362
        ),
 
363
},
 
364
 
 
365
# Redirect
 
366
{
 
367
        type => "action",
 
368
        comment => "redirect in phase:1 (get)",
 
369
        conf => qq(
 
370
                SecRuleEngine DetectionOnly
 
371
                SecRequestBodyAccess On
 
372
                SecResponseBodyAccess On
 
373
                SecResponseBodyMimeType null
 
374
                SecRule REQUEST_URI "\@streq /test2.txt" "phase:1,redirect:'http://$ENV{SERVER_NAME}:$ENV{SERVER_PORT}/test.txt',msg:'REDIRECTED'"
 
375
        ),
 
376
        match_log => {
 
377
                error => [ qr/ModSecurity: Warning. String match "\/test2.txt" at REQUEST_URI.*REDIRECTED/, 1 ],
 
378
                -error => [ qr/Access denied/, 1 ],
 
379
        },
 
380
        match_response => {
 
381
                status => qr/^200$/,
 
382
                content => qr/^TEST 2$/,
 
383
        },
 
384
        request => new HTTP::Request(
 
385
                GET => "http://$ENV{SERVER_NAME}:$ENV{SERVER_PORT}/test2.txt",
 
386
        ),
 
387
},
 
388
{
 
389
        type => "action",
 
390
        comment => "redirect in phase:2 (get)",
 
391
        conf => qq(
 
392
                SecRuleEngine DetectionOnly
 
393
                SecRequestBodyAccess On
 
394
                SecResponseBodyAccess On
 
395
                SecResponseBodyMimeType null
 
396
                SecRule REQUEST_URI "\@streq /test2.txt" "phase:2,redirect:'http://$ENV{SERVER_NAME}:$ENV{SERVER_PORT}/test.txt',msg:'REDIRECTED'"
 
397
        ),
 
398
        match_log => {
 
399
                error => [ qr/ModSecurity: Warning. String match "\/test2.txt" at REQUEST_URI.*REDIRECTED/, 1 ],
 
400
                -error => [ qr/Access denied/, 1 ],
 
401
        },
 
402
        match_response => {
 
403
                status => qr/^200$/,
 
404
                content => qr/^TEST 2$/,
 
405
        },
 
406
        request => new HTTP::Request(
 
407
                GET => "http://$ENV{SERVER_NAME}:$ENV{SERVER_PORT}/test2.txt",
 
408
        ),
 
409
},
 
410
{
 
411
        type => "action",
 
412
        comment => "redirect in phase:3 (get)",
 
413
        conf => qq(
 
414
                SecRuleEngine DetectionOnly
 
415
                SecRequestBodyAccess On
 
416
                SecResponseBodyAccess On
 
417
                SecResponseBodyMimeType null
 
418
                SecRule REQUEST_URI "\@streq /test2.txt" "phase:3,redirect:'http://$ENV{SERVER_NAME}:$ENV{SERVER_PORT}/test.txt',msg:'REDIRECTED'"
 
419
        ),
 
420
        match_log => {
 
421
                error => [ qr/ModSecurity: Warning. String match "\/test2.txt" at REQUEST_URI.*REDIRECTED/, 1 ],
 
422
                -error => [ qr/Access denied/, 1 ],
 
423
        },
 
424
        match_response => {
 
425
                status => qr/^200$/,
 
426
                content => qr/^TEST 2$/,
 
427
        },
 
428
        request => new HTTP::Request(
 
429
                GET => "http://$ENV{SERVER_NAME}:$ENV{SERVER_PORT}/test2.txt",
 
430
        ),
 
431
},
 
432
{
 
433
        type => "action",
 
434
        comment => "redirect in phase:4 (get)",
 
435
        conf => qq(
 
436
                SecRuleEngine DetectionOnly
 
437
                SecRequestBodyAccess On
 
438
                SecResponseBodyAccess On
 
439
                SecResponseBodyMimeType null
 
440
                SecRule REQUEST_URI "\@streq /test2.txt" "phase:4,redirect:'http://$ENV{SERVER_NAME}:$ENV{SERVER_PORT}/test.txt',msg:'REDIRECTED'"
 
441
        ),
 
442
        match_log => {
 
443
                error => [ qr/ModSecurity: Warning. String match "\/test2.txt" at REQUEST_URI.*REDIRECTED/, 1 ],
 
444
                -error => [ qr/Access denied/, 1 ],
 
445
        },
 
446
        match_response => {
 
447
                status => qr/^200$/,
 
448
                content => qr/^TEST 2$/,
 
449
        },
 
450
        request => new HTTP::Request(
 
451
                GET => "http://$ENV{SERVER_NAME}:$ENV{SERVER_PORT}/test2.txt",
 
452
        ),
 
453
},
 
454
 
 
455
# Proxy
 
456
{
 
457
        type => "action",
 
458
        comment => "proxy in phase:1 (get)",
 
459
        conf => qq(
 
460
                SecRuleEngine DetectionOnly
 
461
                SecRequestBodyAccess On
 
462
                SecResponseBodyAccess On
 
463
                SecResponseBodyMimeType null
 
464
                SecRule REQUEST_URI "\@streq /test2.txt" "phase:1,proxy:'http://$ENV{SERVER_NAME}:$ENV{SERVER_PORT}/test.txt',msg:'PROXIED'"
 
465
        ),
 
466
        match_log => {
 
467
                error => [ qr/ModSecurity: Warning. String match "\/test2.txt" at REQUEST_URI.*PROXIED/, 1 ],
 
468
                -error => [ qr/Access denied/, 1 ],
 
469
        },
 
470
        match_response => {
 
471
                status => qr/^200$/,
 
472
                content => qr/^TEST 2$/,
 
473
        },
 
474
        request => new HTTP::Request(
 
475
                GET => "http://$ENV{SERVER_NAME}:$ENV{SERVER_PORT}/test2.txt",
 
476
        ),
 
477
},
 
478
{
 
479
        type => "action",
 
480
        comment => "proxy in phase:2 (get)",
 
481
        conf => qq(
 
482
                SecRuleEngine DetectionOnly
 
483
                SecRequestBodyAccess On
 
484
                SecResponseBodyAccess On
 
485
                SecResponseBodyMimeType null
 
486
                SecRule REQUEST_URI "\@streq /test2.txt" "phase:2,proxy:'http://$ENV{SERVER_NAME}:$ENV{SERVER_PORT}/test.txt',msg:'PROXIED'"
 
487
        ),
 
488
        match_log => {
 
489
                error => [ qr/ModSecurity: Warning. String match "\/test2.txt" at REQUEST_URI.*PROXIED/, 1 ],
 
490
                -error => [ qr/Access denied/, 1 ],
 
491
        },
 
492
        match_response => {
 
493
                status => qr/^200$/,
 
494
                content => qr/^TEST 2$/,
 
495
        },
 
496
        request => new HTTP::Request(
 
497
                GET => "http://$ENV{SERVER_NAME}:$ENV{SERVER_PORT}/test2.txt",
 
498
        ),
 
499
},
 
500
{
 
501
        type => "action",
 
502
        comment => "proxy in phase:3 (get)",
 
503
        conf => qq(
 
504
                SecRuleEngine DetectionOnly
 
505
                SecRequestBodyAccess On
 
506
                SecResponseBodyAccess On
 
507
                SecResponseBodyMimeType null
 
508
                SecDebugLog "$ENV{DEBUG_LOG}"
 
509
                SecDebugLogLevel 4
 
510
                SecRule REQUEST_URI "\@streq /test2.txt" "phase:3,proxy:'http://$ENV{SERVER_NAME}:$ENV{SERVER_PORT}/test.txt',msg:'PROXIED'"
 
511
        ),
 
512
        match_log => {
 
513
                error => [ qr/ModSecurity: Warning. String match "\/test2.txt" at REQUEST_URI.*PROXIED/, 1 ],
 
514
                -error => [ qr/Access denied/, 1 ],
 
515
        },
 
516
        match_response => {
 
517
                status => qr/^200$/,
 
518
        },
 
519
        request => new HTTP::Request(
 
520
                GET => "http://$ENV{SERVER_NAME}:$ENV{SERVER_PORT}/test2.txt",
 
521
        ),
 
522
},
 
523
{
 
524
        type => "action",
 
525
        comment => "proxy in phase:4 (get)",
 
526
        conf => qq(
 
527
                SecRuleEngine DetectionOnly
 
528
                SecRequestBodyAccess On
 
529
                SecResponseBodyAccess On
 
530
                SecResponseBodyMimeType null
 
531
                SecDebugLog "$ENV{DEBUG_LOG}"
 
532
                SecDebugLogLevel 4
 
533
                SecRule REQUEST_URI "\@streq /test2.txt" "phase:4,proxy:'http://$ENV{SERVER_NAME}:$ENV{SERVER_PORT}/test.txt',msg:'PROXIED'"
 
534
        ),
 
535
        match_log => {
 
536
                error => [ qr/ModSecurity: Warning. String match "\/test2.txt" at REQUEST_URI.*PROXIED/, 1 ],
 
537
                -error => [ qr/Access denied/, 1 ],
 
538
        },
 
539
        match_response => {
 
540
                status => qr/^200$/,
 
541
        },
 
542
        request => new HTTP::Request(
 
543
                GET => "http://$ENV{SERVER_NAME}:$ENV{SERVER_PORT}/test2.txt",
 
544
        ),
 
545
},