From 5c945e99ff947596f6c9b5083057f287aaa5c3dc Mon Sep 17 00:00:00 2001
From: "srvproxy001.itguys.com.br" <srvproxy001@itguys.com.br>
Date: Fri, 3 Oct 2025 09:12:04 -0300
Subject: [PATCH] =?UTF-8?q?[Auto-Sync]=20Atualiza=C3=A7=C3=A3o=20das=20con?=
 =?UTF-8?q?figura=C3=A7=C3=B5es=20em=20srvproxy001.itguys.com.br=20-=20202?=
 =?UTF-8?q?5-10-03=2009:12:04?=
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

---
 nginx/modsecurity/global-exceptions.conf | 7 +++++++
 1 file changed, 7 insertions(+)

diff --git a/nginx/modsecurity/global-exceptions.conf b/nginx/modsecurity/global-exceptions.conf
index 012a277..af5aaca 100644
--- a/nginx/modsecurity/global-exceptions.conf
+++ b/nginx/modsecurity/global-exceptions.conf
@@ -11,6 +11,13 @@
 SecRule REQUEST_URI "@beginsWith /remote.php" "id:10001,phase:1,nolog,pass,ctl:ruleEngine=Off"
 SecRule REQUEST_URI "@streq /.well-known/caldav" "id:10002,phase:1,nolog,pass,ctl:ruleEngine=Off"
 SecRule REQUEST_URI "@streq /.well-known/carddav" "id:10003,phase:1,nolog,pass,ctl:ruleEngine=Off"
+SecRule REQUEST_URI "@beginsWith /ocs/v2.php/apps/user_status/api/v1/heartbeat" \
+    "id:1001, \
+    phase:2, \
+    pass, \
+    nolog, \
+    ctl:ruleRemoveById=942100, \
+    msg:'TUNING: Falso-positivo de SQLi (942100) removido para a API de heartbeat'"
 
 # --------------------------------------------------------------------------
 # Exceções para o Zabbix