Commit 18ab6d4a authored by ale's avatar ale

Update CRS customizations

parent 6a283f15
1 merge request!62Build with S6 (bullseye)
Pipeline #23166 passed
...@@ -21,16 +21,7 @@ SecRule REQUEST_FILENAME "@endsWith /wp-admin/themes.php" \ ...@@ -21,16 +21,7 @@ SecRule REQUEST_FILENAME "@endsWith /wp-admin/themes.php" \
phase:2,\ phase:2,\
pass,\ pass,\
nolog,\ nolog,\
ctl:ruleRemoveTargetByTag=CRS;ARGS:newcontent" ctl:ruleRemoveTargetByTag=OWASP_CRS;ARGS:newcontent"
# The ability to edit CSS triggers XSS rules when editing posts.
# Disable all CRS rules on the wp-json API endpoint.
SecRule REQUEST_URI "@beginsWith /wp-json/wp/v2/posts/" \
"id:1003,\
phase:2,\
pass,\
nolog,\
ctl:ruleRemoveTargetByTag=CRS;ARGS:content"
# Make the eventlist plugin work (SIGH for the lack of regexps). # Make the eventlist plugin work (SIGH for the lack of regexps).
SecRule REQUEST_FILENAME "@endsWith /wp-admin/admin-ajax.php" \ SecRule REQUEST_FILENAME "@endsWith /wp-admin/admin-ajax.php" \
...@@ -38,26 +29,26 @@ SecRule REQUEST_FILENAME "@endsWith /wp-admin/admin-ajax.php" \ ...@@ -38,26 +29,26 @@ SecRule REQUEST_FILENAME "@endsWith /wp-admin/admin-ajax.php" \
phase:2,\ phase:2,\
pass,\ pass,\
nolog,\ nolog,\
ctl:ruleRemoveTargetByTag=CRS;ARGS:widget-event_list_widget[1][title],\ ctl:ruleRemoveTargetByTag=OWASP_CRS;ARGS:widget-event_list_widget[1][title],\
ctl:ruleRemoveTargetByTag=CRS;ARGS:widget-event_list_widget[1][cat_filter],\ ctl:ruleRemoveTargetByTag=OWASP_CRS;ARGS:widget-event_list_widget[1][cat_filter],\
ctl:ruleRemoveTargetByTag=CRS;ARGS:widget-event_list_widget[1][num_events],\ ctl:ruleRemoveTargetByTag=OWASP_CRS;ARGS:widget-event_list_widget[1][num_events],\
ctl:ruleRemoveTargetByTag=CRS;ARGS:widget-event_list_widget[1][location_length],\ ctl:ruleRemoveTargetByTag=OWASP_CRS;ARGS:widget-event_list_widget[1][location_length],\
ctl:ruleRemoveTargetByTag=CRS;ARGS:widget-event_list_widget[2][title],\ ctl:ruleRemoveTargetByTag=OWASP_CRS;ARGS:widget-event_list_widget[2][title],\
ctl:ruleRemoveTargetByTag=CRS;ARGS:widget-event_list_widget[2][cat_filter],\ ctl:ruleRemoveTargetByTag=OWASP_CRS;ARGS:widget-event_list_widget[2][cat_filter],\
ctl:ruleRemoveTargetByTag=CRS;ARGS:widget-event_list_widget[2][num_events],\ ctl:ruleRemoveTargetByTag=OWASP_CRS;ARGS:widget-event_list_widget[2][num_events],\
ctl:ruleRemoveTargetByTag=CRS;ARGS:widget-event_list_widget[2][location_length],\ ctl:ruleRemoveTargetByTag=OWASP_CRS;ARGS:widget-event_list_widget[2][location_length],\
ctl:ruleRemoveTargetByTag=CRS;ARGS:widget-event_list_widget[3][title],\ ctl:ruleRemoveTargetByTag=OWASP_CRS;ARGS:widget-event_list_widget[3][title],\
ctl:ruleRemoveTargetByTag=CRS;ARGS:widget-event_list_widget[3][cat_filter],\ ctl:ruleRemoveTargetByTag=OWASP_CRS;ARGS:widget-event_list_widget[3][cat_filter],\
ctl:ruleRemoveTargetByTag=CRS;ARGS:widget-event_list_widget[3][num_events],\ ctl:ruleRemoveTargetByTag=OWASP_CRS;ARGS:widget-event_list_widget[3][num_events],\
ctl:ruleRemoveTargetByTag=CRS;ARGS:widget-event_list_widget[3][location_length],\ ctl:ruleRemoveTargetByTag=OWASP_CRS;ARGS:widget-event_list_widget[3][location_length],\
ctl:ruleRemoveTargetByTag=CRS;ARGS:widget-event_list_widget[4][title],\ ctl:ruleRemoveTargetByTag=OWASP_CRS;ARGS:widget-event_list_widget[4][title],\
ctl:ruleRemoveTargetByTag=CRS;ARGS:widget-event_list_widget[4][cat_filter],\ ctl:ruleRemoveTargetByTag=OWASP_CRS;ARGS:widget-event_list_widget[4][cat_filter],\
ctl:ruleRemoveTargetByTag=CRS;ARGS:widget-event_list_widget[4][num_events],\ ctl:ruleRemoveTargetByTag=OWASP_CRS;ARGS:widget-event_list_widget[4][num_events],\
ctl:ruleRemoveTargetByTag=CRS;ARGS:widget-event_list_widget[4][location_length],\ ctl:ruleRemoveTargetByTag=OWASP_CRS;ARGS:widget-event_list_widget[4][location_length],\
ctl:ruleRemoveTargetByTag=CRS;ARGS:widget-event_list_widget[5][title],\ ctl:ruleRemoveTargetByTag=OWASP_CRS;ARGS:widget-event_list_widget[5][title],\
ctl:ruleRemoveTargetByTag=CRS;ARGS:widget-event_list_widget[5][cat_filter],\ ctl:ruleRemoveTargetByTag=OWASP_CRS;ARGS:widget-event_list_widget[5][cat_filter],\
ctl:ruleRemoveTargetByTag=CRS;ARGS:widget-event_list_widget[5][num_events],\ ctl:ruleRemoveTargetByTag=OWASP_CRS;ARGS:widget-event_list_widget[5][num_events],\
ctl:ruleRemoveTargetByTag=CRS;ARGS:widget-event_list_widget[5][location_length]" ctl:ruleRemoveTargetByTag=OWASP_CRS;ARGS:widget-event_list_widget[5][location_length]"
# More eventlist plugin workarounds. # More eventlist plugin workarounds.
SecRule REQUEST_FILENAME "@endsWith /wp-admin/admin-ajax.php" \ SecRule REQUEST_FILENAME "@endsWith /wp-admin/admin-ajax.php" \
......