# http://www.gotroot.com/mod_security+rules
# Gotroot.com ModSecurity rules
# Exclusion Rules for modsec 2.x
#
# Download from: http://www.gotroot.com/downloads/ftp/mod_security/2.0/exclude.conf
#
# Created by Michael Shinn of the Prometheus Group (http://www.prometheus-group.com)
# Copyright 2005 and 2006 by Michael Shinn and the Prometheus Group, all rights reserved.
# Redistribution is strictly prohibited in any form, including whole or in part.
#
# IMPORTANT NOTE! These rules must be loaded FIRST in your rule orderset to override
# other rules. If you load them later, they will not work!
#
# Version: N-20061022-01
#
# THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS AS IS
# AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
# IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
# ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT OWNER OR CONTRIBUTORS BE
# LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR
# CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF
# SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS
# INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN
# CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
# ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF
# THE POSSIBILITY OF SUCH DAMAGE.
###########################################
#Generic SQL injection rule exclusions
###########################################

#generic PHP forum posting exclusion
SecRuleRemoveById 300013
SecRuleRemoveById 300015
SecRuleRemoveById 300016

#PhpMyadmin
SecRuleRemoveById 300016
SecRuleRemoveById 300016

#/xde/managecontent.php
SecRuleRemoveById 300016
SecRuleRemoveById 300016

#PhpBB posting
SecRuleRemoveById 300013

#postnuke admin
SecRuleRemoveById 300016

#Postnuke uploads
SecRuleRemoveById 300013

#Tikiwiki forum
SecRuleRemoveById 300013

#Squirrel mail and Horde postings
SecRuleRemoveById 300013
SecRuleRemoveById 300015
SecRuleRemoveById 300016

#Provided by Todd Holforty
SecRuleRemoveById 300013
SecRuleRemoveById 300015
SecRuleRemoveById 300016

#Phorum posting
SecRuleRemoveById 300013

#Tikiwiki edit
SecRuleRemoveById 300013
SecRuleRemoveById 300013
SecRuleRemoveById 300016

###########################################
#Double pipe exclusion rules
###########################################
SecRuleRemoveById 300014

###########################################
#Front page exclusions
###########################################
SecRuleInheritance Off
SecRuleRemoveById 300016
SecRuleRemoveById 300016

###########################################
#Mambo/Joomla exclusions
###########################################
SecRuleRemoveById 380000
SecRuleRemoveById 300013
SecRuleRemoveById 300013
SecRuleRemoveById 300016
SecRuleRemoveById 380000
SecRuleRemoveById 360001

#Added 27AUG2006
#Courtesy of Tom Donovan
#ColdFusion RDS
SecRuleRemoveById 360001

#servlet/webacc
SecRuleRemoveById 300013

#WordPress
SecRuleRemoveById 300015

#/profile.php
SecRuleRemoveById 300015

#Open-Exchange
SecRuleRemoveById 300015

#owl intranet
SecRuleRemoveById 300015