diff options
author | mh <mh@immerda.ch> | 2009-03-15 22:15:19 +0000 |
---|---|---|
committer | mh <mh@immerda.ch> | 2009-03-15 22:15:19 +0000 |
commit | ed8a5fb546c6e7f7f1e57a71d4b36a17c634f172 (patch) | |
tree | 37e1e01543ab47e455fe6a87af1edbd0e07b275a /templates/vhosts/php_joomla | |
parent | 0efb0078c9cbbd932c0f0c95c65123ea28a6f67f (diff) |
added rules from webpage
Diffstat (limited to 'templates/vhosts/php_joomla')
-rw-r--r-- | templates/vhosts/php_joomla/CentOS.erb | 28 |
1 files changed, 26 insertions, 2 deletions
diff --git a/templates/vhosts/php_joomla/CentOS.erb b/templates/vhosts/php_joomla/CentOS.erb index c7bdc22..47ccbef 100644 --- a/templates/vhosts/php_joomla/CentOS.erb +++ b/templates/vhosts/php_joomla/CentOS.erb @@ -60,7 +60,19 @@ SecAuditLog <%= logdir %>/mod_security_audit.log SecDebugLog <%= logdir %>/mod_security_debug.log # http://optics.csufresno.edu/~kriehn/fedora/fedora_files/f9/howto/modsecurity.html - SecRuleRemoveById "960010" + # Exceptions for Joomla Root Directory + <LocationMatch '^/'> + SecRuleRemoveById 950013 + </LocationMatch> + + # Exceptions for Joomla Administration Panel + SecRule REQUEST_FILENAME "/administrator/index2.php" \ + "allow,phase:1,nolog,ctl:ruleEngine=Off" + + # Exceptions for Joomla Component Expose + <LocationMatch '^/components/com_expose/expose/manager/amfphp/gateway.php'> + SecRuleRemoveById 960010 + </LocationMatch> <%- else -%> SecRuleEngine Off <%- end -%> @@ -126,7 +138,19 @@ SecAuditLog <%= logdir %>/mod_security_audit.log SecDebugLog <%= logdir %>/mod_security_debug.log # http://optics.csufresno.edu/~kriehn/fedora/fedora_files/f9/howto/modsecurity.html - SecRuleRemoveById "960010" + # Exceptions for Joomla Root Directory + <LocationMatch '^/'> + SecRuleRemoveById 950013 + </LocationMatch> + + # Exceptions for Joomla Administration Panel + SecRule REQUEST_FILENAME "/administrator/index2.php" \ + "allow,phase:1,nolog,ctl:ruleEngine=Off" + + # Exceptions for Joomla Component Expose + <LocationMatch '^/components/com_expose/expose/manager/amfphp/gateway.php'> + SecRuleRemoveById 960010 + </LocationMatch> <%- else -%> SecRuleEngine Off <%- end -%> |