From d8a2a022b63610776c96fd9a38aeb233f47215b0 Mon Sep 17 00:00:00 2001
From: ale <ale@incal.net>
Date: Wed, 16 Dec 2020 12:43:08 +0000
Subject: [PATCH] Refine eventlist modsec exclusions

---
 .../crs/REQUEST-900-EXCLUSION-RULES-BEFORE-CRS.conf         | 6 +++++-
 1 file changed, 5 insertions(+), 1 deletion(-)

diff --git a/conf/modsecurity/crs/REQUEST-900-EXCLUSION-RULES-BEFORE-CRS.conf b/conf/modsecurity/crs/REQUEST-900-EXCLUSION-RULES-BEFORE-CRS.conf
index 8213b19..efabd1a 100644
--- a/conf/modsecurity/crs/REQUEST-900-EXCLUSION-RULES-BEFORE-CRS.conf
+++ b/conf/modsecurity/crs/REQUEST-900-EXCLUSION-RULES-BEFORE-CRS.conf
@@ -41,7 +41,11 @@ SecRule REQUEST_FILENAME "@endsWith /wp-admin/admin-ajax.php" \
     ctl:ruleRemoveTargetByTag=CRS;ARGS:widget-event_list_widget[1][title],\
     ctl:ruleRemoveTargetByTag=CRS;ARGS:widget-event_list_widget[1][location_length],\
     ctl:ruleRemoveTargetByTag=CRS;ARGS:widget-event_list_widget[2][title],\
-    ctl:ruleRemoveTargetByTag=CRS;ARGS:widget-event_list_widget[2][location_length]"
+    ctl:ruleRemoveTargetByTag=CRS;ARGS:widget-event_list_widget[2][location_length],\
+    ctl:ruleRemoveTargetByTag=language-powershell;ARGS:widget-event_list_widget[1][title],\
+    ctl:ruleRemoveTargetByTag=language-powershell;ARGS:widget-event_list_widget[1][location_length],\
+    ctl:ruleRemoveTargetByTag=language-powershell;ARGS:widget-event_list_widget[2][title],\
+    ctl:ruleRemoveTargetByTag=language-powershell;ARGS:widget-event_list_widget[2][location_length]"
 
 # Filter out certain args (all URIs) for the pgp email plugin.
 SecRule REQUEST_URI "@beginsWith /" \
-- 
GitLab