Skip to content
This repository has been archived by the owner on May 14, 2020. It is now read-only.

Commit

Permalink
Merge pull request #1738 from lifeforms/wordpress-urls
Browse files Browse the repository at this point in the history 
WordPress: exclude additional URL fields in profile editor
  • Loading branch information
@lifeforms
lifeforms authored May 4, 2020
2 parents f1f7595 + b687960 commit 20d04d3
Showing 1 changed file with 16 additions and 1 deletion.
17 changes: 16 additions & 1 deletion rules/REQUEST-903.9002-WORDPRESS-EXCLUSION-RULES.conf
View file
Original file line number Diff line number Diff line change
Expand Up @@ -292,9 +292,14 @@ SecRule REQUEST_FILENAME "@endsWith /wp-admin/profile.php" \
"t:none,\
ctl:ruleRemoveTargetById=931130;ARGS:url,\
ctl:ruleRemoveTargetById=931130;ARGS:facebook,\
ctl:ruleRemoveTargetById=931130;ARGS:googleplus,\
ctl:ruleRemoveTargetById=931130;ARGS:instagram,\
ctl:ruleRemoveTargetById=931130;ARGS:linkedin,\
ctl:ruleRemoveTargetById=931130;ARGS:myspace,\
ctl:ruleRemoveTargetById=931130;ARGS:pinterest,\
ctl:ruleRemoveTargetById=931130;ARGS:soundcloud,\
ctl:ruleRemoveTargetById=931130;ARGS:tumblr,\
ctl:ruleRemoveTargetById=931130;ARGS:youtube,\
ctl:ruleRemoveTargetById=931130;ARGS:wikipedia,\
ctl:ruleRemoveTargetByTag=OWASP_CRS;ARGS:pass1,\
ctl:ruleRemoveTargetByTag=OWASP_CRS;ARGS:pass1-text,\
ctl:ruleRemoveTargetByTag=OWASP_CRS;ARGS:pass2"
Expand All @@ -313,6 +318,16 @@ SecRule REQUEST_FILENAME "@endsWith /wp-admin/user-edit.php" \
SecRule &ARGS:action "@eq 1" \
"t:none,\
ctl:ruleRemoveTargetById=931130;ARGS:url,\
ctl:ruleRemoveTargetById=931130;ARGS:url,\
ctl:ruleRemoveTargetById=931130;ARGS:facebook,\
ctl:ruleRemoveTargetById=931130;ARGS:instagram,\
ctl:ruleRemoveTargetById=931130;ARGS:linkedin,\
ctl:ruleRemoveTargetById=931130;ARGS:myspace,\
ctl:ruleRemoveTargetById=931130;ARGS:pinterest,\
ctl:ruleRemoveTargetById=931130;ARGS:soundcloud,\
ctl:ruleRemoveTargetById=931130;ARGS:tumblr,\
ctl:ruleRemoveTargetById=931130;ARGS:youtube,\
ctl:ruleRemoveTargetById=931130;ARGS:wikipedia,\
ctl:ruleRemoveTargetByTag=OWASP_CRS;ARGS:pass1,\
ctl:ruleRemoveTargetByTag=OWASP_CRS;ARGS:pass1-text,\
ctl:ruleRemoveTargetByTag=OWASP_CRS;ARGS:pass2"
Expand Down

0 comments on commit 20d04d3

Please sign in to comment.