File: REQUEST-905-COMMON-EXCEPTIONS.conf

package info (click to toggle)
modsecurity-crs 3.0.2-1~bpo9+1
  • links: PTS
  • area: main
  • in suites: stretch-backports
  • size: 1,064 kB
  • sloc: ansic: 727; perl: 428; python: 218; ruby: 69; makefile: 15
file content (54 lines) | stat: -rw-r--r-- 1,399 bytes parent folder | download | duplicates (3)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
# ------------------------------------------------------------------------
# OWASP ModSecurity Core Rule Set ver.3.0.2
# Copyright (c) 2006-2016 Trustwave and contributors. All rights reserved.
#
# The OWASP ModSecurity Core Rule Set is distributed under
# Apache Software License (ASL) version 2
# Please see the enclosed LICENSE file for full details.
# ------------------------------------------------------------------------


# This file is used as an exception mechanism to remove common false positives
# that may be encountered.
#
# Exception for Apache SSL pinger
#
SecRule REQUEST_LINE "@streq GET /" \
	"phase:1,\
	id:905100,\
	t:none,\
	pass,\
	nolog,\
	tag:'application-multi',\
	tag:'language-multi',\
	tag:'platform-apache',\
	tag:'attack-generic',\
	chain"
		SecRule REMOTE_ADDR "@ipMatch 127.0.0.1,::1" \
			"t:none,\
			ctl:ruleEngine=Off,\
			ctl:auditEngine=Off"

#
# Exception for Apache internal dummy connection
#
SecRule REQUEST_LINE "^(GET /|OPTIONS \*) HTTP/[12]\.[01]$" \
	"phase:1,\
	id:905110,\
	t:none,\
	pass,\
	nolog,\
        tag:'application-multi',\
        tag:'language-multi',\
        tag:'platform-apache',\
        tag:'attack-generic',\
	chain"
		SecRule REMOTE_ADDR "@ipMatch 127.0.0.1,::1" \
		"t:none,\
		chain"
			SecRule REQUEST_HEADERS:User-Agent "^.*\(internal dummy connection\)$" \
				"t:none,\
				ctl:ruleEngine=Off,\
				ctl:auditEngine=Off"