imgeraldalinio · May 14, 2020 20:46 · May 14, 2020 · May 14, 2020 · May 14, 2020
diff --git a/modsecurity-rules.conf b/modsecurity-rules.conf
@@ -1,12 +1,3 @@
-<Directory /var/www/wordpress>
-    SecRuleEngine On
-    SecRuleRemoveById 951120 951220 949110
-</Directory>
-
-<Directory /usr/share/phpmyadmin>
-    SecRuleEngine Off
-</Directory>
-
 <VirtualHost *:80>
     <LocationMatch "/wp-admin">
       SecRuleRemoveById 950109 950901 950117 958030 960024 970903 973300 973301 973304 973332 973333 973338 981143 981172 981173 981245 950007 950120 981231

diff --git a/modsecurity-rules.conf b/modsecurity-rules.conf
@@ -1,5 +1,6 @@
 <Directory /var/www/wordpress>
     SecRuleEngine On
+    SecRuleRemoveById 951120 951220 949110
 </Directory>
 
 <Directory /usr/share/phpmyadmin>

diff --git a/modsecurity-rules.conf b/modsecurity-rules.conf
@@ -0,0 +1,73 @@
+<Directory /var/www/wordpress>
+    SecRuleEngine On
+</Directory>
+
+<Directory /usr/share/phpmyadmin>
+    SecRuleEngine Off
+</Directory>
+
+<VirtualHost *:80>
+    <LocationMatch "/wp-admin">
+      SecRuleRemoveById 950109 950901 950117 958030 960024 970903 973300 973301 973304 973332 973333 973338 981143 981172 981173 981245 950007 950120 981231
+    </LocationMatch>
+
+    <LocationMatch "/wp-admin/nav-menus.php">
+      SecRuleRemoveById 960335
+    </LocationMatch>
+
+    <LocationMatch "/wp-login.php">
+      SecRuleRemoveById 950007 950109 950117 950120 950901 981143 981172 981173 970901 970903
+    </LocationMatch>
+
+    <LocationMatch "/wp-content">
+      SecRuleRemoveById 950007 950120 958231 970903 981172
+    </LocationMatch>
+
+    <LocationMatch "(/wp-admin/options.php|/wp-admin/theme-editor.php|/wp-content/plugins/)">
+      SecRuleRemoveById 950005 950006 950907 958009 959006 959070 960008 960011 960904 973334 973335 973344 973347 981231 981317
+
+      SecRuleRemoveById phpids-17 # Detects JavaScript object properties and methods
+      SecRuleRemoveById phpids-20 # Detects JavaScript language constructs
+      SecRuleRemoveById phpids-21 # Detects very basic XSS probings
+      SecRuleRemoveById phpids-30 # Detects common XSS concatenation patterns 1/2
+      SecRuleRemoveById phpids-61 # Detects url injections and RFE attempts
+    </LocationMatch>
+
+    <LocationMatch "/wp-admin/options-general.php">
+      SecRuleRemoveById 960335
+    </LocationMatch>
+
+    <LocationMatch "/wp-includes">
+      SecRuleRemoveById 950006 950007 950120 959006 960010 960012 970903 981172  
+
+      SecRuleRemoveById phpids-17 # Detects JavaScript object properties and methods
+      SecRuleRemoveById phpids-20 # Detects JavaScript language constructs
+      SecRuleRemoveById phpids-21 # Detects very basic XSS probings
+      SecRuleRemoveById phpids-30 # Detects common XSS concatenation patterns 1/2
+      SecRuleRemoveById phpids-61 # Detects url injections and RFE attempts
+    </LocationMatch>
+
+    <LocationMatch "/wp-admin/post.php|/wp-admin/edit.php">
+      SecRuleRemoveById 980140 950001 950007 950120 958977 959070 959072 959073 960335 970901 973306 973316 973334 973335 973343 973344 973347 981231 981243 981244 981246 981249 981257 981318 970903 981172 981256
+    </LocationMatch>
+
+    <LocationMatch "/wp-admin/admin-ajax.php">
+      SecRuleRemoveById 950911 970901 973306 973316 973334 973335 973344 973347 981231 981257 981318 970903 950007 950120 981172 981242 981244 2100081
+    </LocationMatch>
+
+    <LocationMatch "/wp-admin/async-upload.php|/wp-admin/media-new.php">
+      SecRuleRemoveById 200004
+    </LocationMatch>
+
+    <LocationMatch "/favicon.ico">
+      SecRuleRemoveById 950007 950120 981172 981243 970903
+    </LocationMatch>
+
+    <LocationMatch "/feed">
+      SecRuleRemoveById 970901
+    </LocationMatch>
+
+    <LocationMatch "/xmlrpc.php">
+      SecRuleRemoveById 950001 959070 959071 959073 973302 973332 973333 973334 973335 973344 973347 981244 981248 981249 981256 981317 981320
+    </LocationMatch>
+</VirtualHost>
No results found