Elgato_dark/bunkerweb
1
0
Fork 0
mirror of https://github.com/bunkerity/bunkerweb synced 2026-05-24 09:28:37 +00:00
Code Issues Projects Releases Packages Wiki Activity Actions

Update modsec UI configuration to match new file names and remove unnecessary rules

Browse source
This commit is contained in:
Théophile Diot 2024-08-09 13:47:53 +01:00
parent b2b54965f8
commit c590f51944
No known key found for this signature in database
GPG key ID: FA995104A0BA376A
1 changed files with 2 additions and 2 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

4
src/common/core/ui/confs/modsec/ui.conf
View file

@ -1,9 +1,9 @@
{% if USE_UI == "yes" +%}
SecRule REQUEST_FILENAME "@rx /(global_config|services)$" "id:7771,ctl:ruleRemoveByTag=language-shell,ctl:ruleRemoveByTag=platform-pgsql,ctl:ruleRemoveByTag=attack-xss,ctl:ruleRemoveByTag=attack-lfi,ctl:ruleRemoveByTag=attack-rfi,ctl:ruleRemoveByTag=attack-ssrf,nolog"
SecRule REQUEST_FILENAME "@rx /(global-config|modes)$" "id:7771,ctl:ruleRemoveByTag=language-shell,ctl:ruleRemoveByTag=platform-pgsql,ctl:ruleRemoveByTag=attack-xss,ctl:ruleRemoveByTag=attack-lfi,ctl:ruleRemoveByTag=attack-rfi,ctl:ruleRemoveByTag=attack-ssrf,nolog"
SecRule REQUEST_FILENAME "@rx /configs$" "id:7772,ctl:ruleRemoveByTag=language-shell,ctl:ruleRemoveByTag=attack-lfi,ctl:ruleRemoveByTag=attack-rfi,ctl:ruleRemoveByTag=attack-ssrf,nolog"
SecRule REQUEST_FILENAME "@rx /jobs$" "id:7773,ctl:ruleRemoveByTag=language-shell,ctl:ruleRemoveByTag=language-php,nolog"
SecRule REQUEST_FILENAME "@rx /jobs/download$" "id:7774,ctl:ruleRemoveByTag=attack-lfi,nolog"
{% if HTTP3 == "yes" +%}
{% if "TLSv1.3" in SSL_PROTOCOLS and HTTP3 == "yes" +%}
SecRuleRemoveById 920280
{% endif +%}
{% endif +%}