Far better detection of SecureIIS (WAF)

2025-12-06 04:31:30 +00:00 · 2016-06-23 12:03:05 +02:00
parent ec06037335
commit 1b863ecf93
4 changed files with 14 additions and 9 deletions
--- a/waf/modsecurity.py
+++ b/waf/modsecurity.py
@@ -19,7 +19,6 @@ def detect(get_page):
        page, headers, code = get_page(get=vector)
        retval = code == 501 and re.search(r"Reference #[0-9A-Fa-f.]+", page or "", re.I) is None
        retval |= re.search(r"Mod_Security|NOYB", headers.get(HTTP_HEADER.SERVER, ""), re.I) is not None
-        retval |= code == 406  # specific for mod_security (and forks)
        retval |= "This error was generated by Mod_Security" in (page or "")
        if retval:
            break