diff options
Diffstat (limited to 'files/mod_security/custom_rules/exclude.conf')
| -rw-r--r-- | files/mod_security/custom_rules/exclude.conf | 179 |
1 files changed, 179 insertions, 0 deletions
diff --git a/files/mod_security/custom_rules/exclude.conf b/files/mod_security/custom_rules/exclude.conf new file mode 100644 index 0000000..081400c --- /dev/null +++ b/files/mod_security/custom_rules/exclude.conf @@ -0,0 +1,179 @@ +# http://www.gotroot.com/mod_security+rules +# Gotroot.com ModSecurity rules +# Exclusion Rules for modsec 2.x +# +# Download from: http://www.gotroot.com/downloads/ftp/mod_security/2.0/exclude.conf +# +# Created by Michael Shinn of the Prometheus Group (http://www.prometheus-group.com) +# Copyright 2005 and 2006 by Michael Shinn and the Prometheus Group, all rights reserved. +# Redistribution is strictly prohibited in any form, including whole or in part. +# +# IMPORTANT NOTE! These rules must be loaded FIRST in your rule orderset to override +# other rules. If you load them later, they will not work! +# +# Version: N-20061022-01 +# +# THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS AS IS +# AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE +# IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE +# ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT OWNER OR CONTRIBUTORS BE +# LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR +# CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF +# SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS +# INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN +# CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) +# ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF +# THE POSSIBILITY OF SUCH DAMAGE. + + +########################################### +#Generic SQL injection rule exclusions +########################################### + +#generic PHP forum posting exclusion +<LocationMatch "/posting.php"> +SecRuleRemoveById 300013 +SecRuleRemoveById 300015 +SecRuleRemoveById 300016 +</LocationMatch> + + +#PhpMyadmin +<LocationMatch "/tbl_change.php"> + SecRuleRemoveById 300016 +</LocationMatch> + +<LocationMatch "/sql.php"> + SecRuleRemoveById 300016 +</LocationMatch> + +#/xde/managecontent.php +<LocationMatch "/xde/managecontent.php"> + SecRuleRemoveById 300016 +</LocationMatch> + + +<LocationMatch "/dbad/import.php"> + SecRuleRemoveById 300016 +</LocationMatch> + +#PhpBB posting +<LocationMatch "/index.php?name=PNphpBB2&file=posting&mode=reply.*"> +SecRuleRemoveById 300013 +</LocationMatch> + +#postnuke admin +<LocationMatch "/admin.php"> + SecRuleRemoveById 300016 +</LocationMatch> + +#Postnuke uploads +<LocationMatch "/modules.php?op=modload&name=Downloads.*"> +SecRuleRemoveById 300013 +</LocationMatch> + +#Tikiwiki forum +<LocationMatch "/tiki-view_forum_thread.php"> +SecRuleRemoveById 300013 +</LocationMatch> + +#Squirrel mail and Horde postings +<LocationMatch "/horde/imp/compose.php"> +SecRuleRemoveById 300013 +SecRuleRemoveById 300015 +SecRuleRemoveById 300016 +</LocationMatch> + +#Provided by Todd Holforty +<LocationMatch "/squirrelmail/src/compose.php"> +SecRuleRemoveById 300013 +SecRuleRemoveById 300015 +SecRuleRemoveById 300016 +</LocationMatch> + +#Phorum posting +<LocationMatch "/phorum/post.php"> +SecRuleRemoveById 300013 +</LocationMatch> + +#Tikiwiki edit +<LocationMatch "/tiki-editpage.php"> +SecRuleRemoveById 300013 +</LocationMatch> + +<LocationMatch "/misc.php"> +SecRuleRemoveById 300013 +</LocationMatch> + +<LocationMatch "/forum/posting.php\?mode=.*"> +SecRuleRemoveById 300016 +</LocationMatch> + +########################################### +#Double pipe exclusion rules +########################################### +<LocationMatch "/_vti_bin/fpcount.exe"> +SecRuleRemoveById 300014 +</LocationMatch> + +########################################### +#Front page exclusions +########################################### +<LocationMatch "/_vti_bin/_vti_aut/author.exe"> + SecRuleInheritance Off +</LocationMatch> + +<Location /modules.php?name=Forums&file=posting> +SecRuleRemoveById 300016 +</Location> + +<Location /modules.php?name=Private_Messages&file=index> +SecRuleRemoveById 300016 +</Location> + +########################################### +#Mambo/Joomla exclusions +########################################### +<LocationMatch "/index.php"> + SecRuleRemoveById 380000 + SecRuleRemoveById 300013 +</LocationMatch> +<LocationMatch "/administrator/index2.php"> + SecRuleRemoveById 300013 + SecRuleRemoveById 300016 + SecRuleRemoveById 380000 + SecRuleRemoveById 360001 +</LocationMatch> + +#Added 27AUG2006 +#Courtesy of Tom Donovan +#ColdFusion RDS +<LocationMatch "/CFIDE/main/ide.cfm"> + SecRuleRemoveById 360001 +</LocationMatch> + +#servlet/webacc +<LocationMatch "/servlet/webacc"> + SecRuleRemoveById 300013 +</LocationMatch> + +#WordPRess +<LocationMatch "/wp-admin/options-reading.php"> + SecRuleRemoveById 300015 +</LocationMatch> + +#/profile.php +<LocationMatch "/profile.php"> + SecRuleRemoveById 300015 +</LocationMatch> + +#Open-Exchange +<LocationMatch "/servlet/webdav.calendar/foo.xml"> + SecRuleRemoveById 300015 +</LocationMatch> + + +#owl intranet +<LocationMatch "/intranet/setacl.php"> + SecRuleRemoveById 300015 +</LocationMatch> |