Na}{

File Content: `REQUEST-905-COMMON-EXCEPTIONS.conf`

# ------------------------------------------------------------------------
# OWASP CRS ver.4.7.0-dev
# Copyright (c) 2006-2020 Trustwave and contributors. All rights reserved.
# Copyright (c) 2021-2024 CRS project. All rights reserved.
#
# The OWASP CRS is distributed under
# Apache Software License (ASL) version 2
# Please see the enclosed LICENSE file for full details.
# ------------------------------------------------------------------------


# This file is used as an exception mechanism to remove common false positives
# that may be encountered.
#
# Exception for Apache SSL pinger
#
SecRule REQUEST_LINE "@streq GET /" \
    "id:905100,\
    phase:1,\
    pass,\
    t:none,\
    nolog,\
    tag:'application-multi',\
    tag:'language-multi',\
    tag:'platform-apache',\
    tag:'attack-generic',\
    tag:'OWASP_CRS',\
    ver:'OWASP_CRS/4.7.0-dev',\
    chain"
    SecRule REMOTE_ADDR "@ipMatch 127.0.0.1,::1" \
        "t:none,\
        ctl:ruleRemoveByTag=OWASP_CRS,\
        ctl:auditEngine=Off"

#
# Exception for Apache internal dummy connection
#
SecRule REMOTE_ADDR "@ipMatch 127.0.0.1,::1" \
    "id:905110,\
    phase:1,\
    pass,\
    t:none,\
    nolog,\
    tag:'application-multi',\
    tag:'language-multi',\
    tag:'platform-apache',\
    tag:'attack-generic',\
    tag:'OWASP_CRS',\
    ver:'OWASP_CRS/4.7.0-dev',\
    chain"
    SecRule REQUEST_HEADERS:User-Agent "@endsWith (internal dummy connection)" \
        "t:none,\
        chain"
        SecRule REQUEST_LINE "@rx ^(?:GET /|OPTIONS \*) HTTP/[12]\.[01]$" \
            "t:none,\
            ctl:ruleRemoveByTag=OWASP_CRS,\
            ctl:auditEngine=Off"

Name	Size	Permission
10_modsecurity_crs_10_config.conf	37009 bytes	0644
999_dreamhost_request_limits.conf	5308 bytes	0644
99_dreamhost_rules.conf	14332 bytes	0644
99_modsec-crs-setup.conf	32757 bytes	0644
REQUEST-00-LOCAL-WHITELIST.conf	9043 bytes	0644
REQUEST-901-INITIALIZATION.conf	14718 bytes	0644
REQUEST-903.9001-DRUPAL-EXCLUSION-RULES.conf	13555 bytes	0644
REQUEST-903.9002-WORDPRESS-EXCLUSION-RULES.conf	25812 bytes	0644
REQUEST-903.9003-NEXTCLOUD-EXCLUSION-RULES.conf	10642 bytes	0644
REQUEST-903.9004-DOKUWIKI-EXCLUSION-RULES.conf	7822 bytes	0644
REQUEST-905-COMMON-EXCEPTIONS.conf	1649 bytes	0644
REQUEST-911-METHOD-ENFORCEMENT.conf	2982 bytes	0644
REQUEST-913-SCANNER-DETECTION.conf	3622 bytes	0644
REQUEST-920-PROTOCOL-ENFORCEMENT.conf	64491 bytes	0644
REQUEST-921-PROTOCOL-ATTACK.conf	21029 bytes	0644
REQUEST-930-APPLICATION-ATTACK-LFI.conf	8134 bytes	0644
REQUEST-931-APPLICATION-ATTACK-RFI.conf	8932 bytes	0644
REQUEST-933-APPLICATION-ATTACK-PHP.conf	32894 bytes	0644
REQUEST-934-APPLICATION-ATTACK-NODEJS.conf	3927 bytes	0644
REQUEST-942-APPLICATION-ATTACK-SQLI.conf	96560 bytes	0644
REQUEST-943-APPLICATION-ATTACK-SESSION-FIXATION.conf	5628 bytes	0644
REQUEST-944-APPLICATION-ATTACK-JAVA.conf	22516 bytes	0644
REQUEST-949-BLOCKING-EVALUATION.conf	8176 bytes	0644
RESPONSE-999-EXCLUSION-RULES-AFTER-CRS.conf	4122 bytes	0644
WPtoolUA.data	318 bytes	0644
cachefly.ips.data	166 bytes	0644
crawlers-user-agents.data	786 bytes	0644
dh_whitelist_ip.data	0 bytes	0644
fastly.ips.data	189 bytes	0644
incapsula.ips.data	110 bytes	0644
java-classes.data	1826 bytes	0644
java-code-leakages.data	264 bytes	0644
java-errors.data	240 bytes	0644
lfi-os-files.data	11712 bytes	0644
maxcdn.ips.data	623 bytes	0644
mod_sec.conf	2078 bytes	0644
modsecurity_46_slr_et_joomla.data	1731 bytes	0644
modsecurity_46_slr_et_wordpress.data	1729 bytes	0644
php-config-directives.data	12725 bytes	0644
php-errors.data	75989 bytes	0644
php-function-names-933150.data	3414 bytes	0644
php-function-names-933151.data	38099 bytes	0644
php-variables.data	610 bytes	0644
restricted-files.data	4066 bytes	0644
restricted-upload.data	2513 bytes	0644
scanners-headers.data	216 bytes	0644
scanners-urls.data	418 bytes	0644
scanners-user-agents.data	1950 bytes	0644
scripting-user-agents.data	717 bytes	0644
sig_inspect.lua	68157 bytes	0644
spam-mailer.data	84 bytes	0644
sql-errors.data	4373 bytes	0644
staminus.ips.data	228 bytes	0644
unix-shell.data	7837 bytes	0644
windows-powershell-commands.data	7222 bytes	0644

Name

Size

Permission

Action

10_modsecurity_crs_10_config.conf

37009 bytes

0644