digitaldemocratic/dd-sso/docker/waf-modsecurity/rules_apps.conf


# Rules
#######
# Rule 99000001: exempt the user_status heartbeat endpoint from CRS rule 911100.
# Matches when the request path ends with /apps/user_status/heartbeat, runs in
# phase 1, never blocks on its own (pass) and writes no log entry (nolog).
# ctl:ruleRemoveById=911100 drops rule 911100 for this transaction only. In the
# OWASP CRS that ID is the method-enforcement rule that compares the request
# method with tx.allowed_methods, so on this path the WAF accepts every HTTP
# method.
# NOTE(review): presumably needed because the client uses a method outside the
# default allow-list - confirm which one. Extending tx.allowed_methods for this
# path (as rule 99000002 does) would keep the method check in place.
SecRule REQUEST_FILENAME "@endsWith /apps/user_status/heartbeat" \
"id:99000001,\
phase:1,\
pass,\
t:none,\
nolog,\
ctl:ruleRemoveById=911100"
# Rule 99000002: allow PUT and DELETE on the text-app session endpoints.
# The regex matches any path that ends in /apps/text/session/create, /fetch,
# /sync or /close. setvar appends " PUT DELETE" to tx.allowed_methods for the
# current transaction; the rule itself never blocks (pass) and is not logged.
# NOTE(review): this only has an effect if tx.allowed_methods is already
# populated when the rule runs and the CRS method check is evaluated afterwards;
# verify the include order of this file relative to the CRS setup and rule files.
# NOTE(review): rule 99000005 in this file removes 911100 for every path that
# contains /apps/text/session, which makes this narrower allow-list redundant
# while both rules are loaded.
# The ver: value is metadata only; it reuses the CRS version string on a local
# rule.
SecRule REQUEST_FILENAME "@rx /apps/text/session/(?:create|fetch|sync|close)$" \
"id:99000002,\
phase:1,\
pass,\
t:none,\
nolog,\
ver:'OWASP_CRS/3.2.0',\
setvar:'tx.allowed_methods=%{tx.allowed_methods} PUT DELETE'"
# Rule 99000003: exempt the SAML2 ACS script from CRS rule 920440.
# Matches when the request path contains /auth/saml2/sp/saml2-acs.php, runs in
# phase 1, never blocks on its own (pass) and is not logged (nolog).
# ctl:ruleRemoveById=920440 drops rule 920440 for this transaction only; in the
# OWASP CRS that ID is the restricted-file-extension check on the URL.
# NOTE(review): @contains matches the substring anywhere in the path, so the
# exclusion covers more than the single script. This is an authentication
# endpoint; an anchored match (@endsWith, or @rx with ^ and $) would keep the
# exclusion limited to the intended URL once the deployed path is confirmed.
SecRule REQUEST_FILENAME "@contains /auth/saml2/sp/saml2-acs.php" \
"id:99000003,\
phase:1,\
pass,\
t:none,\
nolog,\
ctl:ruleRemoveById=920440"
# Rule 99000004: exempt the SAML2 logout script from CRS rule 920440.
# Matches when the request path contains /auth/saml2/sp/saml2-logout.php, runs
# in phase 1, never blocks on its own (pass) and is not logged (nolog).
# ctl:ruleRemoveById=920440 drops rule 920440 (the CRS restricted-file-extension
# check) for this transaction only.
# NOTE(review): as with rule 99000003, @contains matches the substring anywhere
# in the path; prefer an anchored match once the deployed path is confirmed.
SecRule REQUEST_FILENAME "@contains /auth/saml2/sp/saml2-logout.php" \
"id:99000004,\
phase:1,\
pass,\
t:none,\
nolog,\
ctl:ruleRemoveById=920440"
# Rule 99000005: exempt every text-app session URL from CRS rule 911100.
# Matches when the request path contains /apps/text/session, runs in phase 1,
# never blocks on its own (pass) and is not logged (nolog).
# ctl:ruleRemoveById=911100 drops the CRS method-enforcement rule for this
# transaction, so the WAF accepts any HTTP method on a matching path.
# NOTE(review): this is a superset of rule 99000002, which only adds PUT and
# DELETE for four named endpoints. If those two methods are all the application
# needs, removing this rule restores method enforcement for the remaining
# /apps/text/session paths - confirm against application traffic first.
SecRule REQUEST_FILENAME "@contains /apps/text/session" \
"id:99000005,\
phase:1,\
pass,\
t:none,\
nolog,\
ctl:ruleRemoveById=911100"
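# Rules 99000006-99000013: switch off request-body access for selected endpoints.
# Each pair is a chain: the first rule matches when the request path contains
# the given substring, the second when REQUEST_BODY_LENGTH equals 0. Only when
# both match does ctl:requestBodyAccess=off run, which stops ModSecurity from
# buffering and inspecting the request body for that transaction.
# "pass" is stated on every chain starter so these exclusions never inherit a
# blocking action from SecDefaultAction (rules 99000001-99000005 already do so).
# NOTE(review): the chains run in phase 1, before the request body has been
# read, while REQUEST_BODY_LENGTH is filled in when the body is processed.
# Verify on the deployed engine whether "@eq 0" matches only body-less requests
# here. If it matches unconditionally, body inspection is off for every request
# to these paths, WebDAV uploads and the /lib/ajax/service*.php endpoints
# included. Testing REQUEST_HEADERS:Content-Length is the usual way to detect an
# empty body in phase 1.
# NOTE(review): @contains matches the substring anywhere in the path, and nolog
# leaves no audit trail when inspection is turned off; anchor the paths and
# consider logging these matches at least while tuning.
SecRule REQUEST_FILENAME "@contains /apps/user_status/heartbeat" "phase:1,id:99000006,pass,nolog,chain"
SecRule REQUEST_BODY_LENGTH "@eq 0" "ctl:requestBodyAccess=off"
SecRule REQUEST_FILENAME "@contains /remote.php/dav" "phase:1,id:99000007,pass,nolog,chain"
SecRule REQUEST_BODY_LENGTH "@eq 0" "ctl:requestBodyAccess=off"
SecRule REQUEST_FILENAME "@contains /apps/text/session" "phase:1,id:99000008,pass,nolog,chain"
SecRule REQUEST_BODY_LENGTH "@eq 0" "ctl:requestBodyAccess=off"
SecRule REQUEST_FILENAME "@contains /socket.io" "phase:1,id:99000009,pass,nolog,chain"
SecRule REQUEST_BODY_LENGTH "@eq 0" "ctl:requestBodyAccess=off"
SecRule REQUEST_FILENAME "@contains /auth/realms/master/avatar-provider" "phase:1,id:99000010,pass,nolog,chain"
SecRule REQUEST_BODY_LENGTH "@eq 0" "ctl:requestBodyAccess=off"
SecRule REQUEST_FILENAME "@contains /lib/ajax/service-nologin.php" "phase:1,id:99000011,pass,nolog,chain"
SecRule REQUEST_BODY_LENGTH "@eq 0" "ctl:requestBodyAccess=off"
SecRule REQUEST_FILENAME "@contains /lib/ajax/service.php" "phase:1,id:99000012,pass,nolog,chain"
SecRule REQUEST_BODY_LENGTH "@eq 0" "ctl:requestBodyAccess=off"
SecRule REQUEST_FILENAME "@contains /apps/polls/poll" "phase:1,id:99000013,pass,nolog,chain"
SecRule REQUEST_BODY_LENGTH "@eq 0" "ctl:requestBodyAccess=off"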