1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
|
# ---------------------------------------------------------------
# Core ModSecurity Rule Set ver.2.0.5
# Copyright (C) 2006-2010 Breach Security Inc. All rights reserved.
#
# The ModSecurity Core Rule Set is distributed under GPL version 2
# Please see the enclosed LICENCE file for full details.
# ---------------------------------------------------------------
# This file is used as an exception mechanism to remove common false positives
# that may be encountered.
#
# Exception for Apache SSL pinger
#
SecRule REQUEST_LINE "^GET /$" "chain,phase:2,t:none,pass,nolog"
SecRule REMOTE_ADDR "^(127\.0\.0\.|\:\:)1$" "chain,t:none"
SecRule TX:'/PROTOCOL_VIOLATION\\\/MISSING_HEADER/' ".*" "chain,setvar:tx.missing_header=+1,setvar:tx.missing_header_%{tx.missing_header}=%{matched_var_name}"
SecRule TX:'/MISSING_HEADER_/' "TX\:(.*)" "capture,t:none,setvar:!tx.%{tx.1}"
#
# Exception for Apache internal dummy connection
#
SecRule REQUEST_LINE "^(GET /|OPTIONS \*) HTTP/1.0$" "chain,phase:2,t:none,pass,nolog"
SecRule REMOTE_ADDR "^(127\.0\.0\.|\:\:)1$" "chain,t:none"
SecRule REQUEST_HEADERS:User-Agent "^Apache.*\(internal dummy connection\)$" "t:none,t:none,chain"
SecRule TX:'/PROTOCOL_VIOLATION\\\/MISSING_HEADER/' ".*" "chain,setvar:tx.missing_header=+1,setvar:tx.missing_header_%{tx.missing_header}=%{matched_var_name}"
SecRule TX:'/MISSING_HEADER_/' "TX\:(.*)" "capture,t:none,setvar:!tx.%{tx.1}"
|
