rules/base_rules/modsecurity_crs_47_common_exceptions.conf

   1 # ---------------------------------------------------------------
   2 # Core ModSecurity Rule Set ver.2.0.3
   3 # Copyright (C) 2006-2009 Breach Security Inc. All rights reserved.
   4 #
   5 # The ModSecuirty Core Rule Set is distributed under GPL version 2
   6 # Please see the enclosed LICENCE file for full details.
   7 # ---------------------------------------------------------------
   8
   9
  10 # This file is used as an exception mechanism to remove common false positives
  11 # that may be encountered.
  12 #
  13 # Exception for Apache SSL pinger
  14 #
  15 SecRule REQUEST_LINE "^GET /$" "chain,phase:2,t:none,pass,nolog"
  16         SecRule REMOTE_ADDR "^(127\.0\.0\.|\:\:)1$" "chain,t:none"
  17                 SecRule TX:'/PROTOCOL_VIOLATION\\\/MISSING_HEADER/' ".*" "chain,setvar:tx.missing_header=+1,setvar:tx.missing_header_%{tx.missing_header}=%{matched_var_name}"
  18                         SecRule TX:'/MISSING_HEADER_/' "TX\:(.*)" "capture,t:none,setvar:!tx.%{tx.1}"
  19
  20 #
  21 # Exception for Apache internal dummy connection
  22 #
  23 SecRule REQUEST_LINE "^(GET /|OPTIONS \*) HTTP/1.0$" "chain,phase:2,t:none,pass,nolog"
  24         SecRule REMOTE_ADDR "^(127\.0\.0\.|\:\:)1$" "chain,t:none"
  25                 SecRule REQUEST_HEADERS:User-Agent "^Apache.*\(internal dummy connection\)$" "t:none,t:none,chain"
  26                         SecRule TX:'/PROTOCOL_VIOLATION\\\/MISSING_HEADER/' ".*" "chain,setvar:tx.missing_header=+1,setvar:tx.missing_header_%{tx.missing_header}=%{matched_var_name}"
  27                                 SecRule TX:'/MISSING_HEADER_/' "TX\:(.*)" "capture,t:none,setvar:!tx.%{tx.1}"
  28