| 1 | # TYPO3 WAF RULE SET FILE http://typo3.org/waf.txt 280907-1 |
|---|---|
| 2 | # (based on ModSecurity Core Rules 2.1-1.4.3 from modsecurity.org) |
| | # What this file does: it is an exclusion list for mod_security. It switches the |
| | # rule engine off for the TYPO3 backend and removes a large number of Core Rules |
| | # by ID, so its net effect is a lighter filter, not additional protection (the |
| | # TYPO3-specific rule set at the bottom of this file is still empty). |
| | # SecRuleRemoveById only affects rules that are already loaded at the point this |
| | # file is parsed, so include it AFTER the Core Rules files, as the example |
| | # configuration below does (modsecurity_crs_9999_typo3.conf is included last). |
| 3 | # |
| 4 | # RULE ID RANGES |
| 5 | # 1-99,999; reserved for local (internal) use. Use as you see fit but do not use this range for rules that are distributed to others. |
| 6 | # 100,000-199,999; reserved for internal use of the engine, to assign to rules that do not have explicit IDs. |
| 7 | # 200,000-299,999; reserved for rules published at modsecurity.org. |
| 8 | # 300,000-399,999; reserved for rules published at gotroot.com. |
| 9 | # 400,000-419,999; unused (available for reservation). |
| 10 | # 420,000-429,999; reserved for ScallyWhack. |
| 11 | # 430,000-899,999; unused (available for reservation). |
| 12 | # 900,000-999,999; reserved for the Core Rules project. |
| 13 | # 1,000,000 and above; unused (available for reservation). |
| 14 | |
| 15 | # START Example configuration file for the mod_security Apache2 module START |
| | # (Everything between the START and END markers is commented out; it documents |
| | # the include order this file expects and is not active configuration.) |
| 16 | # |
| 17 | #LoadFile /usr/lib64/libxml2.so.2 |
| 18 | #LoadModule security2_module modules/mod_security2.so |
| 19 | #LoadModule unique_id_module modules/mod_unique_id.so |
| 20 | # |
| 21 | #<IfModule mod_security2.c> |
| 22 | # # This is the ModSecurity Core Rules set. |
| 23 | # |
| 24 | # # Basic configuration goes in here |
| 25 | # |
| 26 | # Include modsecurity.d/modsecurity_crs_10_config.conf |
| 27 | # |
| 28 | # # Protocol violations and anomalies. |
| 29 | # |
| 30 | # Include modsecurity.d/blocking/modsecurity_crs_20_protocol_violations.conf |
| 31 | # Include modsecurity.d/blocking/modsecurity_crs_21_protocol_anomalies.conf |
| 32 | # |
| 33 | # # HTTP policy rules |
| 34 | # |
| 35 | # Include modsecurity.d/modsecurity_crs_30_http_policy.conf |
| 36 | # |
| 37 | # # Here comes the bad stuff... |
| 38 | # |
| 39 | # Include modsecurity.d/modsecurity_crs_35_bad_robots.conf |
| 40 | # Include modsecurity.d/blocking/modsecurity_crs_40_generic_attacks.conf |
| 41 | # Include modsecurity.d/modsecurity_crs_45_trojans.conf |
| 42 | # Include modsecurity.d/modsecurity_crs_50_outbound.conf |
| 43 | # |
| 44 | # # Search engines and other crawlers. Only useful if you want to track |
| 45 | # # Google / Yahoo et al. |
| 46 | # |
| 47 | # # Include modsecurity.d/modsecurity_crs_55_marketing.conf |
| 48 | # |
| 49 | # # Put your local rules in here. http://typo3.org/waf.txt (this file). |
| 50 | # |
| 51 | # Include modsecurity.d/modsecurity_crs_9999_typo3.conf |
| 52 | #</IfModule> |
| 53 | # |
| 54 | # END Example configuration file for the mod_security Apache2 module END |
| 55 | |
| 56 | # Disable the WAF for the TYPO3 backend (BE). |
| | # SecRuleEngine Off means NO rule is evaluated for requests under /typo3 - not |
| | # even the Core Rules that the lists below leave enabled. Every request to that |
| | # path (which in a standard TYPO3 install includes the backend login) therefore |
| | # passes through uninspected. A narrower exclusion - SecRuleRemoveById for only |
| | # the rules that actually misfire in the backend, placed inside this Location |
| | # block - keeps the remaining protection in place; consider that instead. |
| | # Also confirm that <Location /typo3> covers exactly the paths you intend and not |
| | # other URLs that merely share the prefix - TODO verify against Apache's Location |
| | # matching semantics for the installed version. |
| 57 | |
| 58 | <Location /typo3> |
| 59 | SecRuleEngine Off |
| 60 | </Location> |
| 61 | |
| 62 | # Disable selected ModSecurity Core Rules by ID to create a lightweight filter. |
| | # One SecRuleRemoveById line per Core Rules group; the "Core Rules NN" numbers |
| | # match the modsecurity_crs_NN_*.conf file names in the example above. Every ID |
| | # listed here is a check that no longer runs, so review this list whenever the |
| | # Core Rules version changes (IDs and their meaning can move between releases). |
| 63 | |
| 64 | # Core Rules 20 |
| 65 | SecRuleRemoveById 960911 950012 960912 960016 960011 960012 960013 950107 950801 950116 960014 960018 960901 |
| 66 | # Core Rules 21 |
| | # (960008, 960015 and 960009 are each listed twice; the duplicates are harmless |
| | # but can be dropped.) |
| 67 | SecRuleRemoveById 960008 960008 960015 960015 960009 960009 960904 960017 960913 |
| 68 | # Core Rules 30 |
| 69 | SecRuleRemoveById 960032 960010 960034 960035 960038 960902 960903 |
| 70 | # Core Rules 35 |
| 71 | SecRuleRemoveById 990002 990901 990902 990012 990011 |
| 72 | # Core Rules 40 |
| 73 | SecRuleRemoveById 950008 950010 950011 950018 950019 |
| 74 | # Core Rules 45 |
| 75 | SecRuleRemoveById 950110 950921 950922 |
| 76 | # Core Rules 50 |
| | # These are the outbound (response-side) rules from modsecurity_crs_50_outbound.conf. |
| | # Removing this many of them leaves responses largely uninspected, so whatever |
| | # those rules would have caught on the way out is no longer checked - make that |
| | # trade-off deliberately rather than by default. |
| 77 | SecRuleRemoveById 970002 970003 970004 970904 970007 970008 970009 970010 970012 970013 970014 970903 970015 970902 970016 970018 970901 970118 970021 |
| 78 | # Core Rules 55 |
| 79 | SecRuleRemoveById 910008 910007 910006 |
| 80 | |
| 81 | # TYPO3 WAF rule set |
| 82 | # Blank - no TYPO3-specific SecRule directives are defined yet. |
| 83 | # still beta testing the Core Rules... |