
Commit 5a47465

committed
Decreased the 'phase' values where variable(s) allow(s)
1 parent af61974 commit 5a47465

16 files changed

+129
-129
lines changed

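--- a/rules/REQUEST-903.9001-DRUPAL-EXCLUSION-RULES.conf
+++ b/rules/REQUEST-903.9001-DRUPAL-EXCLUSION-RULES.conf
@@ -116,7 +116,7 @@ SecAction "id:9001100,\
 #
 SecRule REQUEST_FILENAME "@endsWith /core/install.php" \
 "id:9001110,\
-phase:2,\
+phase:1,\
 pass,\
 nolog,\
 ctl:ruleRemoveTargetByTag=OWASP_CRS;ARGS:account[pass][pass1],\
@@ -125,7 +125,7 @@ SecRule REQUEST_FILENAME "@endsWith /core/install.php" \
 
 SecRule REQUEST_FILENAME "@endsWith /user/login" \
 "id:9001112,\
-phase:2,\
+phase:1,\
 pass,\
 t:none,\
 nolog,\
@@ -134,7 +134,7 @@ SecRule REQUEST_FILENAME "@endsWith /user/login" \
 
 SecRule REQUEST_FILENAME "@endsWith /admin/people/create" \
 "id:9001114,\
-phase:2,\
+phase:1,\
 pass,\
 nolog,\
 ctl:ruleRemoveTargetByTag=OWASP_CRS;ARGS:pass[pass1],\
@@ -143,7 +143,7 @@ SecRule REQUEST_FILENAME "@endsWith /admin/people/create" \
 
 SecRule REQUEST_FILENAME "@rx /user/[0-9]+/edit$" \
 "id:9001116,\
-phase:2,\
+phase:1,\
 pass,\
 nolog,\
 ctl:ruleRemoveTargetByTag=OWASP_CRS;ARGS:current_pass,\
@@ -165,15 +165,15 @@ SecRule REQUEST_FILENAME "@rx /user/[0-9]+/edit$" \
 #
 SecRule REQUEST_FILENAME "@contains /admin/config/" \
 "id:9001122,\
-phase:2,\
+phase:1,\
 pass,\
 nolog,\
 ctl:ruleRemoveById=942430,\
 ver:'OWASP_CRS/3.3.0'"
 
 SecRule REQUEST_FILENAME "@endsWith /admin/config/people/accounts" \
 "id:9001124,\
-phase:2,\
+phase:1,\
 pass,\
 nolog,\
 ctl:ruleRemoveById=920271,\
@@ -190,7 +190,7 @@ SecRule REQUEST_FILENAME "@endsWith /admin/config/people/accounts" \
 
 SecRule REQUEST_FILENAME "@endsWith /admin/config/development/configuration/single/import" \
 "id:9001126,\
-phase:2,\
+phase:1,\
 pass,\
 nolog,\
 ctl:ruleRemoveById=920271,\
@@ -199,7 +199,7 @@ SecRule REQUEST_FILENAME "@endsWith /admin/config/development/configuration/sing
 
 SecRule REQUEST_FILENAME "@endsWith /admin/config/development/maintenance" \
 "id:9001128,\
-phase:2,\
+phase:1,\
 pass,\
 nolog,\
 ctl:ruleRemoveById=942440,\
@@ -216,7 +216,7 @@ SecRule REQUEST_FILENAME "@endsWith /admin/config/development/maintenance" \
 #
 SecRule REQUEST_FILENAME "@endsWith /contextual/render" \
 "id:9001140,\
-phase:2,\
+phase:1,\
 pass,\
 nolog,\
 ctl:ruleRemoveTargetById=942130;ARGS:ids[],\
@@ -251,7 +251,7 @@ SecAction "id:9001160,\
 #
 SecRule REQUEST_FILENAME "@endsWith /admin/config/content/formats/manage/full_html" \
 "id:9001170,\
-phase:2,\
+phase:1,\
 pass,\
 nolog,\
 ctl:ruleRemoveTargetByTag=OWASP_CRS;ARGS:editor[settings][toolbar][button_groups],\
@@ -329,7 +329,7 @@ SecRule REQUEST_METHOD "@streq POST" \
 #
 SecRule REQUEST_FILENAME "@endsWith /node/add/article" \
 "id:9001200,\
-phase:2,\
+phase:1,\
 pass,\
 nolog,\
 ctl:ruleRemoveTargetByTag=OWASP_CRS;ARGS:body[0][value],\
@@ -338,7 +338,7 @@ SecRule REQUEST_FILENAME "@endsWith /node/add/article" \
 
 SecRule REQUEST_FILENAME "@endsWith /node/add/page" \
 "id:9001202,\
-phase:2,\
+phase:1,\
 pass,\
 nolog,\
 ctl:ruleRemoveTargetByTag=OWASP_CRS;ARGS:body[0][value],\
@@ -347,7 +347,7 @@ SecRule REQUEST_FILENAME "@endsWith /node/add/page" \
 
 SecRule REQUEST_FILENAME "@rx /node/[0-9]+/edit$" \
 "id:9001204,\
-phase:2,\
+phase:1,\
 pass,\
 nolog,\
 ctl:ruleRemoveTargetByTag=OWASP_CRS;ARGS:body[0][value],\
@@ -357,47 +357,47 @@ SecRule REQUEST_FILENAME "@rx /node/[0-9]+/edit$" \
 
 SecRule REQUEST_FILENAME "@endsWith /block/add" \
 "id:9001206,\
-phase:2,\
+phase:1,\
 pass,\
 nolog,\
 ctl:ruleRemoveTargetByTag=OWASP_CRS;ARGS:body[0][value],\
 ver:'OWASP_CRS/3.3.0'"
 
 SecRule REQUEST_FILENAME "@endsWith /admin/structure/block/block-content/manage/basic" \
 "id:9001208,\
-phase:2,\
+phase:1,\
 pass,\
 nolog,\
 ctl:ruleRemoveTargetByTag=OWASP_CRS;ARGS:description,\
 ver:'OWASP_CRS/3.3.0'"
 
 SecRule REQUEST_FILENAME "@rx /editor/filter_xss/(?:full|basic)_html$" \
 "id:9001210,\
-phase:2,\
+phase:1,\
 pass,\
 nolog,\
 ctl:ruleRemoveTargetByTag=OWASP_CRS;ARGS:value,\
 ver:'OWASP_CRS/3.3.0'"
 
 SecRule REQUEST_FILENAME "@rx /user/[0-9]+/contact$" \
 "id:9001212,\
-phase:2,\
+phase:1,\
 pass,\
 nolog,\
 ctl:ruleRemoveTargetByTag=OWASP_CRS;ARGS:message[0][value],\
 ver:'OWASP_CRS/3.3.0'"
 
 SecRule REQUEST_FILENAME "@endsWith /admin/config/development/maintenance" \
 "id:9001214,\
-phase:2,\
+phase:1,\
 pass,\
 nolog,\
 ctl:ruleRemoveTargetByTag=OWASP_CRS;ARGS:maintenance_mode_message,\
 ver:'OWASP_CRS/3.3.0'"
 
 SecRule REQUEST_FILENAME "@endsWith /admin/config/services/rss-publishing" \
 "id:9001216,\
-phase:2,\
+phase:1,\
 pass,\
 nolog,\
 ctl:ruleRemoveTargetByTag=OWASP_CRS;ARGS:feed_description,\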
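Review bot: Moving these `ctl:ruleRemoveTargetByTag` / `ctl:ruleRemoveById` rules to `phase:1` is only safe if the rule that skips this file when the Drupal exclusion package is disabled also runs in phase 1, and that gate is not in any visible hunk. `skipAfter` only skips rules of its own phase, so behind a phase-2-only gate all nineteen exclusions would fire for every site, for example removing `ARGS:body[0][value]` from every OWASP_CRS-tagged rule on any path ending in `/node/add/page`. A phase-1 `ctl` also takes effect before the phase-1 detection rules run, so the exclusion covers query-string arguments of those names as well, which is wider than before. I would confirm that a `phase:1` copy of the gate sits above id:9001110, or keep `phase:2,\` on these rules, and record the dependency with a comment such as `# phase:1 exclusions below rely on the phase:1 package gate`. Every rule's action list continues outside its hunk, so the gate's phase has to be checked in the full file.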

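--- a/rules/REQUEST-903.9002-WORDPRESS-EXCLUSION-RULES.conf
+++ b/rules/REQUEST-903.9002-WORDPRESS-EXCLUSION-RULES.conf
@@ -47,7 +47,7 @@ SecRule &TX:crs_exclusions_wordpress|TX:crs_exclusions_wordpress "@eq 0" \
 # User login password
 SecRule REQUEST_FILENAME "@endsWith /wp-login.php" \
 "id:9002100,\
-phase:2,\
+phase:1,\
 pass,\
 t:none,\
 nolog,\
@@ -80,7 +80,7 @@ SecRule REQUEST_FILENAME "@endsWith /wp-login.php" \
 # Post comment
 SecRule REQUEST_FILENAME "@endsWith /wp-comments-post.php" \
 "id:9002130,\
-phase:2,\
+phase:1,\
 pass,\
 t:none,\
 nolog,\
@@ -270,7 +270,7 @@ SecRule REQUEST_FILENAME "!@contains /wp-admin/" \
 
 SecRule REQUEST_FILENAME "!@contains /wp-admin/" \
 "id:9002401,\
-phase:2,\
+phase:1,\
 pass,\
 t:none,\
 nolog,\
@@ -670,7 +670,7 @@ SecRule REQUEST_FILENAME "@endsWith /wp-admin/options.php" \
 # permalink_structure=/index.php/%year%/%monthnum%/%day%/%postname%/
 SecRule REQUEST_FILENAME "@endsWith /wp-admin/options-permalink.php" \
 "id:9002810,\
-phase:2,\
+phase:1,\
 pass,\
 t:none,\
 nolog,\
@@ -742,7 +742,7 @@ SecRule REQUEST_FILENAME "@endsWith /wp-admin/edit.php" \
 # jquery-ui-accordion&ver=3f9999390861a0133beda3ee8acf152e
 SecRule REQUEST_FILENAME "@rx /wp-admin/load-(?:scripts|styles)\.php$" \
 "id:9002900,\
-phase:2,\
+phase:1,\
 pass,\
 t:none,\
 nolog,\
@@ -759,7 +759,7 @@ SecRule REQUEST_FILENAME "@rx /wp-admin/load-(?:scripts|styles)\.php$" \
 # Site health output can trigger database error rule.
 SecRule REQUEST_FILENAME "@endsWith /wp-admin/site-health.php" \
 "id:9002910,\
-phase:2,\
+phase:1,\
 pass,\
 t:none,\
 nolog,\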
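Review bot: The phase change on id:9002401 (third hunk) looks like it removes a guard rather than speeding one up. The hunk header shows that the rule directly before it tests the same `!@contains /wp-admin/` condition, which suggests the two are a per-phase pair. The action list continues outside the hunk, so this is inferred, but if 9002401 ends in a `skipAfter`, that action only skips rules of its own phase. Moving it to phase 1 would then duplicate the earlier rule and leave the wp-admin exclusions that stay in phase 2 without their skip for non-admin requests. I would keep `phase:2,\` on 9002401 and add a comment such as `# phase:2 twin of the rule above; skipAfter is per-phase`.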
