Add rule to remove language-shell and language-php tags from /jobs endpoint in ui.conf for web UI

2026-05-24 09:28:37 +00:00 · 2024-03-30 17:45:11 +00:00 · 2024-03-30 17:45:11 +00:00 · 18146060aa
commit 18146060aa
parent 9ac335a886
1 changed files with 1 additions and 0 deletions
--- a/src/common/core/ui/confs/modsec/ui.conf
+++ b/src/common/core/ui/confs/modsec/ui.conf
@ -1,4 +1,5 @@
 {% if USE_UI == "yes" +%}
 SecRule REQUEST_FILENAME "@rx /(global_config|services)$" "id:7771,ctl:ruleRemoveByTag=language-shell,ctl:ruleRemoveByTag=platform-pgsql,ctl:ruleRemoveByTag=attack-xss,ctl:ruleRemoveByTag=attack-lfi,ctl:ruleRemoveByTag=attack-rfi,ctl:ruleRemoveByTag=attack-ssrf,nolog"
 SecRule REQUEST_FILENAME "@rx /configs$" "id:7772,ctl:ruleRemoveByTag=language-shell,ctl:ruleRemoveByTag=attack-lfi,ctl:ruleRemoveByTag=attack-rfi,ctl:ruleRemoveByTag=attack-ssrf,nolog"
+SecRule REQUEST_FILENAME "@rx /jobs$" "id:7773,ctl:ruleRemoveByTag=language-shell,ctl:ruleRemoveByTag=language-php,nolog"
 {% endif +%}