author | Scott Ullrich <sullrich@G5.local> | 2009-10-27 19:29:22 -0400 |
---|---|---|
committer | Scott Ullrich <sullrich@G5.local> | 2009-10-27 19:29:22 -0400 |
commit | cefe0accd2b44cacd17c8f35f76dbdac66241a6d (patch) | |
tree | f62978454790fe32a367caf1ed9956131c5b06a7 /config/apache_mod_security/rules/a_exclude.conf | |
parent | 84c595a7e87439865edc8d77143f7737df4eb720 (diff) | |
download | pfsense-packages-cefe0accd2b44cacd17c8f35f76dbdac66241a6d.tar.gz pfsense-packages-cefe0accd2b44cacd17c8f35f76dbdac66241a6d.tar.bz2 pfsense-packages-cefe0accd2b44cacd17c8f35f76dbdac66241a6d.zip |
Adding additional rules from http://www.gotroot.com
Diffstat (limited to 'config/apache_mod_security/rules/a_exclude.conf')
-rw-r--r-- | config/apache_mod_security/rules/a_exclude.conf | 182 |
1 files changed, 182 insertions, 0 deletions
diff --git a/config/apache_mod_security/rules/a_exclude.conf b/config/apache_mod_security/rules/a_exclude.conf
new file mode 100644
index 00000000..b8f44cd2
--- /dev/null
+++ b/config/apache_mod_security/rules/a_exclude.conf
@@ -0,0 +1,182 @@
+# http://www.gotroot.com/mod_security+rules
+# Gotroot.com ModSecurity rules
+# Exclusion Rules for modsec 2.x
+# NOTICE: THESE RULES ARE OBSOLETE AND ARE NO LONGER SUPPORTED
+# Visit http://www.gotroot.com to download supported rules
+
+#
+# Download from: http://www.gotroot.com/downloads/ftp/mod_security/2.0/exclude.conf
+#
+# Created by Michael Shinn of the Prometheus Group (http://www.prometheus-group.com)
+# Copyright 2005 and 2006 by Michael Shinn and the Prometheus Group, all rights reserved.
+# Redistribution is strictly prohibited in any form, including whole or in part.
+#
+# IMPORTANT NOTE! These rules must be loaded FIRST in your rule orderset to override
+# other rules. If you load them later, they will not work!
+#
+# Version: N-20061022-01
+#
+# THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS AS IS
+# AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+# IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+# ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT OWNER OR CONTRIBUTORS BE
+# LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR
+# CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF
+# SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS
+# INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN
+# CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+# ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF
+# THE POSSIBILITY OF SUCH DAMAGE.
+
+
+###########################################
+#Generic SQL injection rule exclusions
+###########################################
+
+#generic PHP forum posting exclusion
+<LocationMatch "/posting.php">
+SecRuleRemoveById 300013
+SecRuleRemoveById 300015
+SecRuleRemoveById 300016
+</LocationMatch>
+
+
+#PhpMyadmin
+<LocationMatch "/tbl_change.php">
+ SecRuleRemoveById 300016
+</LocationMatch>
+
+<LocationMatch "/sql.php">
+ SecRuleRemoveById 300016
+</LocationMatch>
+
+#/xde/managecontent.php
+<LocationMatch "/xde/managecontent.php">
+ SecRuleRemoveById 300016
+</LocationMatch>
+
+
+<LocationMatch "/dbad/import.php">
+ SecRuleRemoveById 300016
+</LocationMatch>
+
+#PhpBB posting
+<LocationMatch "/index.php?name=PNphpBB2&file=posting&mode=reply.*">
+SecRuleRemoveById 300013
+</LocationMatch>
+
+#postnuke admin
+<LocationMatch "/admin.php">
+ SecRuleRemoveById 300016
+</LocationMatch>
+
+#Postnuke uploads
+<LocationMatch "/modules.php?op=modload&name=Downloads.*">
+SecRuleRemoveById 300013
+</LocationMatch>
+
+#Tikiwiki forum
+<LocationMatch "/tiki-view_forum_thread.php">
+SecRuleRemoveById 300013
+</LocationMatch>
+
+#Squirrel mail and Horde postings
+<LocationMatch "/horde/imp/compose.php">
+SecRuleRemoveById 300013
+SecRuleRemoveById 300015
+SecRuleRemoveById 300016
+</LocationMatch>
+
+#Provided by Todd Holforty
+<LocationMatch "/squirrelmail/src/compose.php">
+SecRuleRemoveById 300013
+SecRuleRemoveById 300015
+SecRuleRemoveById 300016
+</LocationMatch>
+
+#Phorum posting
+<LocationMatch "/phorum/post.php">
+SecRuleRemoveById 300013
+</LocationMatch>
+
+#Tikiwiki edit
+<LocationMatch "/tiki-editpage.php">
+SecRuleRemoveById 300013
+</LocationMatch>
+
+<LocationMatch "/misc.php">
+SecRuleRemoveById 300013
+</LocationMatch>
+
+<LocationMatch "/forum/posting.php\?mode=.*">
+SecRuleRemoveById 300016
+</LocationMatch>
+
+###########################################
+#Double pipe exclusion rules
+###########################################
+<LocationMatch "/_vti_bin/fpcount.exe">
+SecRuleRemoveById 300014
+</LocationMatch>
+
+###########################################
+#Front page exclusions
+###########################################
+<LocationMatch "/_vti_bin/_vti_aut/author.exe">
+ SecRuleInheritance Off
+</LocationMatch>
+
+<Location /modules.php?name=Forums&file=posting>
+SecRuleRemoveById 300016
+</Location>
+
+<Location /modules.php?name=Private_Messages&file=index>
+SecRuleRemoveById 300016
+</Location>
+
+###########################################
+#Mambo/Joomla exclusions
+###########################################
+<LocationMatch "/index.php">
+ SecRuleRemoveById 380000
+ SecRuleRemoveById 300013
+</LocationMatch>
+<LocationMatch "/administrator/index2.php">
+ SecRuleRemoveById 300013
+ SecRuleRemoveById 300016
+ SecRuleRemoveById 380000
+ SecRuleRemoveById 360001
+</LocationMatch>
+
+#Added 27AUG2006
+#Courtesy of Tom Donovan
+#ColdFusion RDS
+<LocationMatch "/CFIDE/main/ide.cfm">
+ SecRuleRemoveById 360001
+</LocationMatch>
+
+#servlet/webacc
+<LocationMatch "/servlet/webacc">
+ SecRuleRemoveById 300013
+</LocationMatch>
+
+#WordPRess
+<LocationMatch "/wp-admin/options-reading.php">
+ SecRuleRemoveById 300015
+</LocationMatch>
+
+#/profile.php
+<LocationMatch "/profile.php">
+ SecRuleRemoveById 300015
+</LocationMatch>
+
+#Open-Exchange
+<LocationMatch "/servlet/webdav.calendar/foo.xml">
+ SecRuleRemoveById 300015
+</LocationMatch>
+
+
+#owl intranet
+<LocationMatch "/intranet/setacl.php">
+ SecRuleRemoveById 300015
+</LocationMatch> |
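Review bot: The `<LocationMatch>` patterns are unanchored regexes, so the exclusions reach much further than their comments suggest: `<LocationMatch "/index.php">` under "Mambo/Joomla exclusions" removes rules 380000 and 300013 for every path containing `/index.php` on the server, and `/admin.php`, `/profile.php`, `/misc.php`, `/posting.php` and `/sql.php` behave the same way. Anchoring and escaping each pattern to the application's actual install path, e.g. `<LocationMatch "^/joomla/index\.php$">` (path constructed for illustration), would keep the rules active for unrelated applications; the `SecRuleInheritance Off` block for `author.exe` deserves the same scoping since it drops every inherited rule. The patterns that embed a query string (`/index.php?name=PNphpBB2&file=posting&mode=reply.*`, `/modules.php?op=modload&name=Downloads.*`, the two `<Location /modules.php?name=...>` blocks and `/forum/posting.php\?mode=.*`) probably never match, because Location sections are compared against the URL path without the query string and an unescaped `?` is a regex quantifier. Separately, the file's own header says the rules are obsolete and unsupported and that redistribution is prohibited, which should be resolved before they ship in the package.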