diff --git a/plugins/wordpress-rule-exclusions-before.conf b/plugins/wordpress-rule-exclusions-before.conf
index 0eed23b..6d7dd73 100644
--- a/plugins/wordpress-rule-exclusions-before.conf
+++ b/plugins/wordpress-rule-exclusions-before.conf
@@ -45,7 +45,7 @@ SecRule REQUEST_FILENAME "@endsWith /wp-login.php" \
 nolog,\
 ctl:ruleRemoveTargetById=932236;ARGS_NAMES:pwd,\
 ctl:ruleRemoveTargetByTag=OWASP_CRS;ARGS:pwd,\
- ver:'wordpress-rule-exclusions-plugin/1.0.1'"
+ ver:'wordpress-rule-exclusions-plugin/1.1.0'"
 # Redirect for wp-login/wp-admin
 SecRule REQUEST_FILENAME "@rx /wp-(?:login|admin/admin-ajax)\.php$" \
@@ -59,7 +59,7 @@ SecRule REQUEST_FILENAME "@rx /wp-(?:login|admin/admin-ajax)\.php$" \
 ctl:ruleRemoveTargetById=942430;ARGS:redirect_to,\
 ctl:ruleRemoveTargetById=942431;ARGS:redirect_to,\
 ctl:ruleRemoveTargetById=942432;ARGS:redirect_to,\
- ver:'wordpress-rule-exclusions-plugin/1.0.1'"
+ ver:'wordpress-rule-exclusions-plugin/1.1.0'"
 # Reset password
 SecRule REQUEST_FILENAME "@endsWith /wp-login.php" \
@@ -88,7 +88,7 @@ SecRule REQUEST_FILENAME "@endsWith /wp-admin/admin-ajax.php" \
 nolog,\
 ctl:ruleRemoveTargetById=932236;ARGS_NAMES:pwd,\
 ctl:ruleRemoveTargetByTag=OWASP_CRS;ARGS:pwd,\
- ver:'wordpress-rule-exclusions-plugin/1.0.1'"
+ ver:'wordpress-rule-exclusions-plugin/1.1.0'"
 #
 # [ Comments ]
@@ -105,7 +105,7 @@ SecRule REQUEST_FILENAME "@endsWith /wp-comments-post.php" \
 ctl:ruleRemoveTargetByTag=OWASP_CRS;ARGS:comment,\
 ctl:ruleRemoveTargetByTag=OWASP_CRS;ARGS:email,\
 ctl:ruleRemoveTargetByTag=OWASP_CRS;ARGS:url,\
- ver:'wordpress-rule-exclusions-plugin/1.0.1'"
+ ver:'wordpress-rule-exclusions-plugin/1.1.0'"
 SecRule REQUEST_FILENAME "@endsWith /wp-admin/comment.php" \
 "id:9507131,\
@@ -117,7 +117,7 @@ SecRule REQUEST_FILENAME "@endsWith /wp-admin/comment.php" \
 ctl:ruleRemoveTargetByTag=attack-sqli;ARGS:newcomment_author_url,\
 ctl:ruleRemoveTargetByTag=OWASP_CRS;ARGS:content,\
 ctl:ruleRemoveTargetByTag=OWASP_CRS;ARGS:newcomment_author,\
- ver:'wordpress-rule-exclusions-plugin/1.0.1'"
+ ver:'wordpress-rule-exclusions-plugin/1.1.0'"
 # Replying to a comment
 SecRule REQUEST_FILENAME "@endsWith /wp-admin/admin-ajax.php" \
@@ -156,7 +156,7 @@ SecRule REQUEST_FILENAME "@rx /wp-json/wp/v[0-9]/global-styles/[0-9]+$" \
 ctl:ruleRemoveTargetById=942431;ARGS,\
 ctl:ruleRemoveTargetById=942432;ARGS,\
 ctl:ruleRemoveTargetById=942440;ARGS,\
- ver:'wordpress-rule-exclusions-plugin/1.0.1'"
+ ver:'wordpress-rule-exclusions-plugin/1.1.0'"
 # Gutenberg
 SecRule REQUEST_FILENAME "@rx /wp-json/wp/v[0-9]+/(?:navigation|pages|posts|template-parts|templates)" \
@@ -167,7 +167,7 @@ SecRule REQUEST_FILENAME "@rx /wp-json/wp/v[0-9]+/(?:navigation|pages|posts|temp
 nolog,\
 ctl:ruleRemoveTargetByTag=OWASP_CRS;ARGS:content,\
 ctl:ruleRemoveTargetByTag=OWASP_CRS;ARGS:json.content,\
- ver:'wordpress-rule-exclusions-plugin/1.0.1'"
+ ver:'wordpress-rule-exclusions-plugin/1.1.0'"
 # Gutenberg via rest_route for sites without pretty permalinks
 SecRule REQUEST_FILENAME "@endsWith /index.php" \
@@ -205,7 +205,7 @@ SecRule REQUEST_FILENAME "@rx /wp-json/wp/v[0-9]+/media" \
 ctl:ruleRemoveById=200002,\
 ctl:ruleRemoveById=200004,\
 ctl:ruleRemoveTargetById=920120;FILES:file,\
- ver:'wordpress-rule-exclusions-plugin/1.0.1'"
+ ver:'wordpress-rule-exclusions-plugin/1.1.0'"
 # Gutenberg upload image/media via rest_route for sites without pretty permalinks
 SecRule REQUEST_FILENAME "@endsWith /index.php" \
@@ -388,7 +388,7 @@ SecRule REQUEST_FILENAME "@endsWith /wp-cron.php" \
 nolog,\
 ctl:ruleRemoveById=920180,\
 ctl:ruleRemoveById=920300,\
- ver:'wordpress-rule-exclusions-plugin/1.0.1'"
+ ver:'wordpress-rule-exclusions-plugin/1.1.0'"
 # Modifying widgets under Appearance --> Widgets
 # Rules are disabled for all args because the paramater name keeps on changing
@@ -505,7 +505,7 @@ SecRule REQUEST_FILENAME "@unconditionalMatch" \
 ctl:ruleRemoveTargetById=942440;ARGS:wp_http_referer,\
 ctl:ruleRemoveTargetById=932236;ARGS:_wpnonce,\
 ctl:ruleRemoveTargetById=942450;ARGS:_wpnonce,\
- ver:'wordpress-rule-exclusions-plugin/1.0.1'"
+ ver:'wordpress-rule-exclusions-plugin/1.1.0'"
 # `_wp_original_http_referer` and `referredby` are used by the "Classic-Editor" plugin.
@@ -534,7 +534,7 @@ SecRule ARGS_NAMES "@rx ^_wp_original_http_referer|referredby$" \
 ctl:ruleRemoveTargetById=920273;ARGS_NAMES:_wp_original_http_referer,\
 ctl:ruleRemoveTargetById=920273;ARGS_NAMES:referredby,\
 ctl:ruleRemoveTargetById=920273;REQUEST_BODY,\
- ver:'wordpress-rule-exclusions-plugin/1.0.1'"
+ ver:'wordpress-rule-exclusions-plugin/1.1.0'"
 #
@@ -679,7 +679,7 @@ SecRule REQUEST_FILENAME "@rx /wp-admin/(?:admin|admin-ajax|edit|users)\.php$" \
 ctl:ruleRemoveTargetById=932236;ARGS_NAMES:ids,\
 ctl:ruleRemoveTargetById=920273;ARGS_NAMES:users[0],\
 ctl:ruleRemoveTargetById=942432;ARGS_NAMES:users[0],\
- ver:'wordpress-rule-exclusions-plugin/1.0.1'"
+ ver:'wordpress-rule-exclusions-plugin/1.1.0'"
 #
 # [ Content editing ]
@@ -1003,7 +1003,7 @@ SecRule REQUEST_FILENAME "@endsWith /wp-admin/options-permalink.php" \
 ctl:ruleRemoveTargetById=942431;ARGS:permalink_structure,\
 ctl:ruleRemoveTargetById=942521;ARGS:permalink_structure,\
 ctl:ruleRemoveTargetById=920272;REQUEST_BODY,\
- ver:'wordpress-rule-exclusions-plugin/1.0.1'"
+ ver:'wordpress-rule-exclusions-plugin/1.1.0'"
 # Comments deny list and moderation list
 SecRule REQUEST_FILENAME "@endsWith /wp-admin/options.php" \
@@ -1037,7 +1037,7 @@ SecRule REQUEST_FILENAME "@endsWith /wp-admin/edit.php" \
 t:none,\
 nolog,\
 ctl:ruleRemoveTargetByTag=OWASP_CRS;ARGS:s,\
- ver:'wordpress-rule-exclusions-plugin/1.0.1'"
+ ver:'wordpress-rule-exclusions-plugin/1.1.0'"
 #
@@ -1089,7 +1089,7 @@ SecRule REQUEST_FILENAME "@rx /wp-admin/load-(?:scripts|styles)\.php$" \
 ctl:ruleRemoveTargetById=942431;ARGS:load[chunk_2],\
 ctl:ruleRemoveTargetById=942432;ARGS:load[chunk_2],\
 ctl:ruleRemoveTargetById=920100;REQUEST_LINE,\
- ver:'wordpress-rule-exclusions-plugin/1.0.1'"
+ ver:'wordpress-rule-exclusions-plugin/1.1.0'"
 # Wordpress Site Health
 # The wordpress site health page makes use of embedded SQL/PHP