From a6ff4dc7fd15da708b38acd3bf9bcce615647517 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Th=C3=A9ophile=20Diot?=
Date: Wed, 24 Jul 2024 12:37:22 +0100
Subject: [PATCH] chore: Add rule to remove attack-lfi tag for /jobs/download endpoint
---
 src/common/core/ui/confs/modsec/ui.conf | 1 +
 1 file changed, 1 insertion(+)
diff --git a/src/common/core/ui/confs/modsec/ui.conf b/src/common/core/ui/confs/modsec/ui.conf
index 66d4c52bb..9a65aca04 100644
--- a/src/common/core/ui/confs/modsec/ui.conf
+++ b/src/common/core/ui/confs/modsec/ui.conf
@@ -2,4 +2,5 @@
 SecRule REQUEST_FILENAME "@rx /(global_config|services)$" "id:7771,ctl:ruleRemoveByTag=language-shell,ctl:ruleRemoveByTag=platform-pgsql,ctl:ruleRemoveByTag=attack-xss,ctl:ruleRemoveByTag=attack-lfi,ctl:ruleRemoveByTag=attack-rfi,ctl:ruleRemoveByTag=attack-ssrf,nolog"
 SecRule REQUEST_FILENAME "@rx /configs$" "id:7772,ctl:ruleRemoveByTag=language-shell,ctl:ruleRemoveByTag=attack-lfi,ctl:ruleRemoveByTag=attack-rfi,ctl:ruleRemoveByTag=attack-ssrf,nolog"
 SecRule REQUEST_FILENAME "@rx /jobs$" "id:7773,ctl:ruleRemoveByTag=language-shell,ctl:ruleRemoveByTag=language-php,nolog"
+SecRule REQUEST_FILENAME "@rx /jobs/download$" "id:7774,ctl:ruleRemoveByTag=attack-lfi,nolog"
 {% endif +%}
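Review bot: Rule 7774 removes every `attack-lfi` rule for any request whose path ends in `/jobs/download`, and a file-download endpoint is where the WAF's path-traversal screening is most useful. If the false positive comes from a single parameter, a target-scoped exclusion would keep the rest of the LFI coverage, e.g. `ctl:ruleRemoveTargetByTag=attack-lfi;ARGS:<PARAM_NAME>` (placeholder; the triggering parameter is not visible in this hunk). The pattern `@rx /jobs/download$` is anchored only at the end, like the rules above it, so it applies to any URI with that suffix; anchoring the start as well would narrow it if the UI prefix is fixed. Because the rule is `nolog`, the exclusion leaves no trace, so I would add a comment above it such as `# LFI rules disabled here: <reason>; the download handler must validate the requested file name itself`.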