Enhance ModSecurity rules by adding additional rule removal for attack-rfi in UI configuration

2026-05-24 09:28:37 +00:00 · 2025-01-10 14:40:31 +01:00 · 2025-01-10 14:40:31 +01:00 · 383af8f421
commit 383af8f421
parent c32f1c10a6
1 changed files with 2 additions and 2 deletions
--- a/src/common/core/ui/confs/modsec-crs/ui.conf
+++ b/src/common/core/ui/confs/modsec-crs/ui.conf
@ -1,6 +1,6 @@
 {%- if USE_UI == "yes" -%}
-SecRule REQUEST_FILENAME "@rx /(global-config|services/.+)$" "id:1007771,ctl:ruleRemoveById=932235,nolog"
+SecRule REQUEST_FILENAME "@rx /(global-config|services/.+)$" "id:1007771,ctl:ruleRemoveById=932235,ctl:ruleRemoveByTag=attack-rfi,nolog"
 SecRule REQUEST_FILENAME "@rx /(services|cache)/.+$" "id:1007772,ctl:ruleRemoveById=920440,nolog"
-SecRule REQUEST_FILENAME "@rx /(configs)/.+$" "id:1007773,ctl:ruleRemoveByTag=attack-rce,nolog"
+SecRule REQUEST_FILENAME "@rx /(configs)/.+$" "id:1007773,ctl:ruleRemoveByTag=attack-rce,ctl:ruleRemoveByTag=attack-rfi,nolog"
 SecRule REQUEST_FILENAME "@endsWith /logs" "id:1007774,ctl:ruleRemoveById=953100,nolog"
 {%- endif %}