68 lines
2.2 KiB
Plaintext
68 lines
2.2 KiB
Plaintext
|
# Rules
|
||
|
#######
|
||
|
|
||
|
SecRule REQUEST_FILENAME "@endsWith /apps/user_status/heartbeat" \
|
||
|
"id:99000001,\
|
||
|
phase:1,\
|
||
|
pass,\
|
||
|
t:none,\
|
||
|
nolog,\
|
||
|
ctl:ruleRemoveById=911100"
|
||
|
|
||
|
SecRule REQUEST_FILENAME "@rx /apps/text/session/(?:create|fetch|sync|close)$" \
|
||
|
"id:99000002,\
|
||
|
phase:1,\
|
||
|
pass,\
|
||
|
t:none,\
|
||
|
nolog,\
|
||
|
ver:'OWASP_CRS/3.2.0',\
|
||
|
setvar:'tx.allowed_methods=%{tx.allowed_methods} PUT DELETE'"
|
||
|
|
||
|
SecRule REQUEST_FILENAME "@contains /auth/saml2/sp/saml2-acs.php" \
|
||
|
"id:99000003,\
|
||
|
phase:1,\
|
||
|
pass,\
|
||
|
t:none,\
|
||
|
nolog,\
|
||
|
ctl:ruleRemoveById=920440"
|
||
|
|
||
|
SecRule REQUEST_FILENAME "@contains /auth/saml2/sp/saml2-logout.php" \
|
||
|
"id:99000004,\
|
||
|
phase:1,\
|
||
|
pass,\
|
||
|
t:none,\
|
||
|
nolog,\
|
||
|
ctl:ruleRemoveById=920440"
|
||
|
|
||
|
SecRule REQUEST_FILENAME "@contains /apps/text/session" \
|
||
|
"id:99000005,\
|
||
|
phase:1,\
|
||
|
pass,\
|
||
|
t:none,\
|
||
|
nolog,\
|
||
|
ctl:ruleRemoveById=911100"
|
||
|
|
||
|
SecRule REQUEST_FILENAME "@contains /apps/user_status/heartbeat" "phase:1,id:99000006,nolog,chain"
|
||
|
SecRule REQUEST_BODY_LENGTH "@eq 0" "ctl:requestBodyAccess=off"
|
||
|
|
||
|
SecRule REQUEST_FILENAME "@contains /remote.php/dav" "phase:1,id:99000007,nolog,chain"
|
||
|
SecRule REQUEST_BODY_LENGTH "@eq 0" "ctl:requestBodyAccess=off"
|
||
|
|
||
|
SecRule REQUEST_FILENAME "@contains /apps/text/session" "phase:1,id:99000008,nolog,chain"
|
||
|
SecRule REQUEST_BODY_LENGTH "@eq 0" "ctl:requestBodyAccess=off"
|
||
|
|
||
|
SecRule REQUEST_FILENAME "@contains /socket.io" "phase:1,id:99000009,nolog,chain"
|
||
|
SecRule REQUEST_BODY_LENGTH "@eq 0" "ctl:requestBodyAccess=off"
|
||
|
|
||
|
SecRule REQUEST_FILENAME "@contains /auth/realms/master/avatar-provider" "phase:1,id:99000010,nolog,chain"
|
||
|
SecRule REQUEST_BODY_LENGTH "@eq 0" "ctl:requestBodyAccess=off"
|
||
|
|
||
|
SecRule REQUEST_FILENAME "@contains /lib/ajax/service-nologin.php" "phase:1,id:99000011,nolog,chain"
|
||
|
SecRule REQUEST_BODY_LENGTH "@eq 0" "ctl:requestBodyAccess=off"
|
||
|
|
||
|
SecRule REQUEST_FILENAME "@contains /lib/ajax/service.php" "phase:1,id:99000012,nolog,chain"
|
||
|
SecRule REQUEST_BODY_LENGTH "@eq 0" "ctl:requestBodyAccess=off"
|
||
|
|
||
|
SecRule REQUEST_FILENAME "@contains /apps/polls/poll" "phase:1,id:99000013,nolog,chain"
|
||
|
SecRule REQUEST_BODY_LENGTH "@eq 0" "ctl:requestBodyAccess=off"
|