From 592fdf4867a76918686373903cc4949c257b5b46 Mon Sep 17 00:00:00 2001
From: ale <ale@incal.net>
Date: Mon, 14 Dec 2020 10:20:12 +0000
Subject: [PATCH] Add ModSec exclusion for wp2pgpmail

---
 .../crs/REQUEST-900-EXCLUSION-RULES-BEFORE-CRS.conf   | 11 +++++++++++
 1 file changed, 11 insertions(+)

diff --git a/conf/modsecurity/crs/REQUEST-900-EXCLUSION-RULES-BEFORE-CRS.conf b/conf/modsecurity/crs/REQUEST-900-EXCLUSION-RULES-BEFORE-CRS.conf
index 58f6f42..8213b19 100644
--- a/conf/modsecurity/crs/REQUEST-900-EXCLUSION-RULES-BEFORE-CRS.conf
+++ b/conf/modsecurity/crs/REQUEST-900-EXCLUSION-RULES-BEFORE-CRS.conf
@@ -43,3 +43,14 @@ SecRule REQUEST_FILENAME "@endsWith /wp-admin/admin-ajax.php" \
     ctl:ruleRemoveTargetByTag=CRS;ARGS:widget-event_list_widget[2][title],\
     ctl:ruleRemoveTargetByTag=CRS;ARGS:widget-event_list_widget[2][location_length]"
 
+# Filter out certain args (all URIs) for the pgp email plugin.
+SecRule REQUEST_URI "@beginsWith /" \
+    "id:1005,\
+    phase:2,\
+    pass,\
+    nolog,\
+    ctl:ruleRemoveTargetByTag=attack-sqli;ARGS:message_from_name,\
+    ctl:ruleRemoveTargetByTag=attack-sqli;ARGS:message_from_mail,\
+    ctl:ruleRemoveTargetByTag=attack-sqli;ARGS:message_body,\
+    ctl:ruleRemoveTargetByTag=attack-sqli;ARGS:text"
+
-- 
GitLab