diff options
Diffstat (limited to 'files/mod_security/custom_rules/exclude.conf')
-rw-r--r-- | files/mod_security/custom_rules/exclude.conf | 179 |
1 files changed, 0 insertions, 179 deletions
diff --git a/files/mod_security/custom_rules/exclude.conf b/files/mod_security/custom_rules/exclude.conf deleted file mode 100644 index 081400c..0000000 --- a/files/mod_security/custom_rules/exclude.conf +++ /dev/null @@ -1,179 +0,0 @@ -# http://www.gotroot.com/mod_security+rules -# Gotroot.com ModSecurity rules -# Exclusion Rules for modsec 2.x -# -# Download from: http://www.gotroot.com/downloads/ftp/mod_security/2.0/exclude.conf -# -# Created by Michael Shinn of the Prometheus Group (http://www.prometheus-group.com) -# Copyright 2005 and 2006 by Michael Shinn and the Prometheus Group, all rights reserved. -# Redistribution is strictly prohibited in any form, including whole or in part. -# -# IMPORTANT NOTE! These rules must be loaded FIRST in your rule orderset to override -# other rules. If you load them later, they will not work! -# -# Version: N-20061022-01 -# -# THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS AS IS -# AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE -# IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE -# ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT OWNER OR CONTRIBUTORS BE -# LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR -# CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF -# SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS -# INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN -# CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) -# ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF -# THE POSSIBILITY OF SUCH DAMAGE. - - -########################################### -#Generic SQL injection rule exclusions -########################################### - -#generic PHP forum posting exclusion -<LocationMatch "/posting.php"> -SecRuleRemoveById 300013 -SecRuleRemoveById 300015 -SecRuleRemoveById 300016 -</LocationMatch> - - -#PhpMyadmin -<LocationMatch "/tbl_change.php"> - SecRuleRemoveById 300016 -</LocationMatch> - -<LocationMatch "/sql.php"> - SecRuleRemoveById 300016 -</LocationMatch> - -#/xde/managecontent.php -<LocationMatch "/xde/managecontent.php"> - SecRuleRemoveById 300016 -</LocationMatch> - - -<LocationMatch "/dbad/import.php"> - SecRuleRemoveById 300016 -</LocationMatch> - -#PhpBB posting -<LocationMatch "/index.php?name=PNphpBB2&file=posting&mode=reply.*"> -SecRuleRemoveById 300013 -</LocationMatch> - -#postnuke admin -<LocationMatch "/admin.php"> - SecRuleRemoveById 300016 -</LocationMatch> - -#Postnuke uploads -<LocationMatch "/modules.php?op=modload&name=Downloads.*"> -SecRuleRemoveById 300013 -</LocationMatch> - -#Tikiwiki forum -<LocationMatch "/tiki-view_forum_thread.php"> -SecRuleRemoveById 300013 -</LocationMatch> - -#Squirrel mail and Horde postings -<LocationMatch "/horde/imp/compose.php"> -SecRuleRemoveById 300013 -SecRuleRemoveById 300015 -SecRuleRemoveById 300016 -</LocationMatch> - -#Provided by Todd Holforty -<LocationMatch "/squirrelmail/src/compose.php"> -SecRuleRemoveById 300013 -SecRuleRemoveById 300015 -SecRuleRemoveById 300016 -</LocationMatch> - -#Phorum posting -<LocationMatch "/phorum/post.php"> -SecRuleRemoveById 300013 -</LocationMatch> - -#Tikiwiki edit -<LocationMatch "/tiki-editpage.php"> -SecRuleRemoveById 300013 -</LocationMatch> - -<LocationMatch "/misc.php"> -SecRuleRemoveById 300013 -</LocationMatch> - -<LocationMatch "/forum/posting.php\?mode=.*"> -SecRuleRemoveById 300016 -</LocationMatch> - -########################################### -#Double pipe exclusion rules -########################################### -<LocationMatch "/_vti_bin/fpcount.exe"> -SecRuleRemoveById 300014 -</LocationMatch> - -########################################### -#Front page exclusions -########################################### -<LocationMatch "/_vti_bin/_vti_aut/author.exe"> - SecRuleInheritance Off -</LocationMatch> - -<Location /modules.php?name=Forums&file=posting> -SecRuleRemoveById 300016 -</Location> - -<Location /modules.php?name=Private_Messages&file=index> -SecRuleRemoveById 300016 -</Location> - -########################################### -#Mambo/Joomla exclusions -########################################### -<LocationMatch "/index.php"> - SecRuleRemoveById 380000 - SecRuleRemoveById 300013 -</LocationMatch> -<LocationMatch "/administrator/index2.php"> - SecRuleRemoveById 300013 - SecRuleRemoveById 300016 - SecRuleRemoveById 380000 - SecRuleRemoveById 360001 -</LocationMatch> - -#Added 27AUG2006 -#Courtesy of Tom Donovan -#ColdFusion RDS -<LocationMatch "/CFIDE/main/ide.cfm"> - SecRuleRemoveById 360001 -</LocationMatch> - -#servlet/webacc -<LocationMatch "/servlet/webacc"> - SecRuleRemoveById 300013 -</LocationMatch> - -#WordPRess -<LocationMatch "/wp-admin/options-reading.php"> - SecRuleRemoveById 300015 -</LocationMatch> - -#/profile.php -<LocationMatch "/profile.php"> - SecRuleRemoveById 300015 -</LocationMatch> - -#Open-Exchange -<LocationMatch "/servlet/webdav.calendar/foo.xml"> - SecRuleRemoveById 300015 -</LocationMatch> - - -#owl intranet -<LocationMatch "/intranet/setacl.php"> - SecRuleRemoveById 300015 -</LocationMatch> |