From cefe0accd2b44cacd17c8f35f76dbdac66241a6d Mon Sep 17 00:00:00 2001
From: Scott Ullrich <sullrich@G5.local>
Date: Tue, 27 Oct 2009 19:29:22 -0400
Subject: Adding additional rules from http://www.gotroot.com

---
 config/apache_mod_security/rules/a_exclude.conf | 182 ++++++++++++++++++++++++
 1 file changed, 182 insertions(+)
 create mode 100644 config/apache_mod_security/rules/a_exclude.conf

(limited to 'config/apache_mod_security/rules/a_exclude.conf')

diff --git a/config/apache_mod_security/rules/a_exclude.conf b/config/apache_mod_security/rules/a_exclude.conf
new file mode 100644
index 00000000..b8f44cd2
--- /dev/null
+++ b/config/apache_mod_security/rules/a_exclude.conf
@@ -0,0 +1,182 @@
+# http://www.gotroot.com/mod_security+rules
+# Gotroot.com ModSecurity rules
+# Exclusion Rules for modsec 2.x
+# NOTICE: THESE RULES ARE OBSOLETE AND ARE NO LONGER SUPPORTED
+# Visit http://www.gotroot.com to download supported rules
+
+#
+# Download from: http://www.gotroot.com/downloads/ftp/mod_security/2.0/exclude.conf
+#
+# Created by Michael Shinn of the Prometheus Group (http://www.prometheus-group.com)
+# Copyright 2005 and 2006 by Michael Shinn and the Prometheus Group, all rights reserved.
+# Redistribution is strictly prohibited in any form, including whole or in part.
+#
+# IMPORTANT NOTE!  These rules must be loaded FIRST in your rule orderset to override
+# other rules.  If you load them later, they will not work!
+#
+# Version: N-20061022-01
+#
+# THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS AS IS
+# AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+# IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+# ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT OWNER OR CONTRIBUTORS BE
+# LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR
+# CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF
+# SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS
+# INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN
+# CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+# ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF
+# THE POSSIBILITY OF SUCH DAMAGE.
+
+
+###########################################
+#Generic SQL injection rule exclusions
+###########################################
+
+#generic PHP forum posting exclusion
+<LocationMatch "/posting.php">
+SecRuleRemoveById 300013
+SecRuleRemoveById 300015
+SecRuleRemoveById 300016
+</LocationMatch>
+
+
+#PhpMyadmin
+<LocationMatch "/tbl_change.php">
+   SecRuleRemoveById 300016
+</LocationMatch>
+
+<LocationMatch "/sql.php">
+   SecRuleRemoveById 300016
+</LocationMatch>
+
+#/xde/managecontent.php
+<LocationMatch "/xde/managecontent.php">
+   SecRuleRemoveById 300016
+</LocationMatch>
+
+
+<LocationMatch "/dbad/import.php">
+   SecRuleRemoveById 300016
+</LocationMatch>
+
+#PhpBB posting
+<LocationMatch "/index.php?name=PNphpBB2&file=posting&mode=reply.*">
+SecRuleRemoveById 300013
+</LocationMatch>
+
+#postnuke admin
+<LocationMatch "/admin.php">
+   SecRuleRemoveById 300016
+</LocationMatch>
+
+#Postnuke uploads
+<LocationMatch "/modules.php?op=modload&name=Downloads.*">
+SecRuleRemoveById 300013
+</LocationMatch>
+
+#Tikiwiki forum
+<LocationMatch "/tiki-view_forum_thread.php">
+SecRuleRemoveById 300013
+</LocationMatch>
+
+#Squirrel mail and Horde postings
+<LocationMatch "/horde/imp/compose.php">
+SecRuleRemoveById 300013
+SecRuleRemoveById 300015
+SecRuleRemoveById 300016
+</LocationMatch>
+
+#Provided by Todd Holforty 
+<LocationMatch "/squirrelmail/src/compose.php">
+SecRuleRemoveById 300013
+SecRuleRemoveById 300015
+SecRuleRemoveById 300016
+</LocationMatch>
+
+#Phorum posting
+<LocationMatch "/phorum/post.php">
+SecRuleRemoveById 300013
+</LocationMatch>
+
+#Tikiwiki edit
+<LocationMatch "/tiki-editpage.php">
+SecRuleRemoveById 300013
+</LocationMatch>
+
+<LocationMatch "/misc.php">
+SecRuleRemoveById 300013
+</LocationMatch>
+
+<LocationMatch "/forum/posting.php\?mode=.*">
+SecRuleRemoveById 300016
+</LocationMatch>
+
+###########################################
+#Double pipe exclusion rules
+###########################################
+<LocationMatch "/_vti_bin/fpcount.exe">
+SecRuleRemoveById 300014
+</LocationMatch>
+
+###########################################
+#Front page exclusions
+###########################################
+<LocationMatch "/_vti_bin/_vti_aut/author.exe">
+  SecRuleInheritance Off
+</LocationMatch>
+
+<Location /modules.php?name=Forums&file=posting>
+SecRuleRemoveById 300016
+</Location>
+
+<Location /modules.php?name=Private_Messages&file=index>
+SecRuleRemoveById 300016
+</Location>
+
+###########################################
+#Mambo/Joomla exclusions
+###########################################
+<LocationMatch "/index.php">
+  SecRuleRemoveById 380000
+  SecRuleRemoveById 300013
+</LocationMatch>
+<LocationMatch "/administrator/index2.php">
+  SecRuleRemoveById 300013
+  SecRuleRemoveById 300016
+  SecRuleRemoveById 380000
+  SecRuleRemoveById 360001
+</LocationMatch>
+
+#Added 27AUG2006
+#Courtesy of Tom Donovan
+#ColdFusion RDS
+<LocationMatch "/CFIDE/main/ide.cfm">
+   SecRuleRemoveById 360001
+</LocationMatch>
+
+#servlet/webacc
+<LocationMatch "/servlet/webacc">
+  SecRuleRemoveById 300013
+</LocationMatch>
+
+#WordPRess
+<LocationMatch "/wp-admin/options-reading.php">
+  SecRuleRemoveById 300015
+</LocationMatch>
+
+#/profile.php
+<LocationMatch "/profile.php">
+  SecRuleRemoveById 300015
+</LocationMatch>
+
+#Open-Exchange
+<LocationMatch "/servlet/webdav.calendar/foo.xml">
+  SecRuleRemoveById 300015
+</LocationMatch>
+
+
+#owl intranet
+<LocationMatch "/intranet/setacl.php">
+  SecRuleRemoveById 300015
+</LocationMatch>
-- 
cgit v1.2.3