# ------------------------------------------------------------------------
# OWASP CRS ver.4.24.0-dev
# Copyright (c) 2006-2020 Trustwave and contributors. All rights reserved.
# Copyright (c) 2021-2026 CRS project. All rights reserved.
#
# The OWASP CRS is distributed under
# Apache Software License (ASL) version 2
# Please see the enclosed LICENSE file for full details.
# ------------------------------------------------------------------------

# This file is used as an exception mechanism to remove common false positives
# that may be encountered. This file does not contain any runtime rule-exclusions
# and so it must be loaded after all the request rules have been created.
#
# How to read the directives below:
#   SecRuleUpdateTargetById <rule id> "!REQUEST_COOKIES:<name or /regex/>"
# removes the named cookie (or every cookie whose name matches the regex) from
# the targets of that one rule. The rule still inspects all its other targets,
# and every other rule still inspects the cookie. In CRS rule-file numbering,
# 932xxx ids are RCE rules, 941xxx are XSS rules and 942xxx are SQLi rules.
#
# Review caveat: cookie names are supplied by the client, so any request can
# carry a cookie with one of these names and the listed rules will not look at
# its value. Applications behind the WAF should treat these cookie values as
# untrusted input like any other. When adding entries, keep them narrow: name
# specific rule ids and use a literal name or a fully anchored regex.

# To have a standard order, please:
#
# 1. Keep all the exceptions that target the same cookie (or cookie regexp) together
# 2. Order them by rule id.
# 3. Add a blank line when the cookie/cookie regexp changes, so it shows visually

# Google Analytics Cookies
# Matches:
#   _ga
#   _ga_5WLQM4K1ZX
# The regex is anchored at both ends: "_ga" alone, or "_ga_" plus word characters.
SecRuleUpdateTargetById 932240 "!REQUEST_COOKIES:/^_ga(?:_\w+)?$/"
SecRuleUpdateTargetById 941100 "!REQUEST_COOKIES:/^_ga(?:_\w+)?$/"
SecRuleUpdateTargetById 942290 "!REQUEST_COOKIES:/^_ga(?:_\w+)?$/"
SecRuleUpdateTargetById 942421 "!REQUEST_COOKIES:/^_ga(?:_\w+)?$/"
SecRuleUpdateTargetById 942550 "!REQUEST_COOKIES:/^_ga(?:_\w+)?$/"

# Google Ads Cookie
SecRuleUpdateTargetById 941100 "!REQUEST_COOKIES:__gads"
SecRuleUpdateTargetById 942290 "!REQUEST_COOKIES:__gads"
SecRuleUpdateTargetById 942420 "!REQUEST_COOKIES:__gads"
SecRuleUpdateTargetById 942421 "!REQUEST_COOKIES:__gads"
SecRuleUpdateTargetById 942550 "!REQUEST_COOKIES:__gads"

# NOTE(review): __gpi has no comment of its own; it sits under the Google Ads
# heading, so it is presumably a Google Ads cookie as well - confirm.
SecRuleUpdateTargetById 942420 "!REQUEST_COOKIES:__gpi"
SecRuleUpdateTargetById 942421 "!REQUEST_COOKIES:__gpi"

# Google Funding Choices cookie
SecRuleUpdateTargetById 941100 "!REQUEST_COOKIES:FCCDCF"
SecRuleUpdateTargetById 942290 "!REQUEST_COOKIES:FCCDCF"
SecRuleUpdateTargetById 942340 "!REQUEST_COOKIES:FCCDCF"
SecRuleUpdateTargetById 942370 "!REQUEST_COOKIES:FCCDCF"
SecRuleUpdateTargetById 942420 "!REQUEST_COOKIES:FCCDCF"
SecRuleUpdateTargetById 942421 "!REQUEST_COOKIES:FCCDCF"
SecRuleUpdateTargetById 942490 "!REQUEST_COOKIES:FCCDCF"
SecRuleUpdateTargetById 942550 "!REQUEST_COOKIES:FCCDCF"

# Security cookie for Google Ads
SecRuleUpdateTargetById 942420 "!REQUEST_COOKIES:__eoi"
SecRuleUpdateTargetById 942421 "!REQUEST_COOKIES:__eoi"

# Google Analytics Funding Choices cookie
SecRuleUpdateTargetById 942340 "!REQUEST_COOKIES:FCNEC"
SecRuleUpdateTargetById 942370 "!REQUEST_COOKIES:FCNEC"
SecRuleUpdateTargetById 942420 "!REQUEST_COOKIES:FCNEC"
SecRuleUpdateTargetById 942421 "!REQUEST_COOKIES:FCNEC"

# Prebid.js share cookie
SecRuleUpdateTargetById 942421 "!REQUEST_COOKIES:sharedid"

# Microsoft Clarity tracking cookie
SecRuleUpdateTargetById 942421 "!REQUEST_COOKIES:_clsk"

# Microsoft Clarity marketing cookie
SecRuleUpdateTargetById 942421 "!REQUEST_COOKIES:_clck"

# AWS Load balancer cookie
SecRuleUpdateTargetById 942421 "!REQUEST_COOKIES:_awl"

# Prebid.js Cookie
# Matches:
#   pbjs-id5id
# The regex is anchored at both ends: "pbjs-" followed only by word characters.
SecRuleUpdateTargetById 941100 "!REQUEST_COOKIES:/^pbjs-\w+$/"
SecRuleUpdateTargetById 942200 "!REQUEST_COOKIES:/^pbjs-\w+$/"
SecRuleUpdateTargetById 942290 "!REQUEST_COOKIES:/^pbjs-\w+$/"
SecRuleUpdateTargetById 942340 "!REQUEST_COOKIES:/^pbjs-\w+$/"
SecRuleUpdateTargetById 942370 "!REQUEST_COOKIES:/^pbjs-\w+$/"
SecRuleUpdateTargetById 942420 "!REQUEST_COOKIES:/^pbjs-\w+$/"
SecRuleUpdateTargetById 942421 "!REQUEST_COOKIES:/^pbjs-\w+$/"
SecRuleUpdateTargetById 942490 "!REQUEST_COOKIES:/^pbjs-\w+$/"
SecRuleUpdateTargetById 942550 "!REQUEST_COOKIES:/^pbjs-\w+$/"

# Matomo Referer Cookie
# NOTE(review): unlike the other regexes in this file, this one has no end
# anchor, so it matches every cookie whose name starts with "_pk_ref". That is
# presumably deliberate, to cover a variable suffix Matomo appends to the name -
# confirm, and anchor the suffix if its format is fixed. This is also the
# longest exclusion list in the file, so it is the entry most worth keeping tight.
SecRuleUpdateTargetById 941320 "!REQUEST_COOKIES:/^_pk_ref/"
SecRuleUpdateTargetById 941330 "!REQUEST_COOKIES:/^_pk_ref/"
SecRuleUpdateTargetById 941340 "!REQUEST_COOKIES:/^_pk_ref/"
SecRuleUpdateTargetById 942370 "!REQUEST_COOKIES:/^_pk_ref/"
SecRuleUpdateTargetById 942380 "!REQUEST_COOKIES:/^_pk_ref/"
SecRuleUpdateTargetById 942390 "!REQUEST_COOKIES:/^_pk_ref/"
SecRuleUpdateTargetById 942400 "!REQUEST_COOKIES:/^_pk_ref/"
SecRuleUpdateTargetById 942410 "!REQUEST_COOKIES:/^_pk_ref/"
SecRuleUpdateTargetById 942420 "!REQUEST_COOKIES:/^_pk_ref/"
SecRuleUpdateTargetById 942421 "!REQUEST_COOKIES:/^_pk_ref/"
SecRuleUpdateTargetById 942440 "!REQUEST_COOKIES:/^_pk_ref/"
SecRuleUpdateTargetById 942450 "!REQUEST_COOKIES:/^_pk_ref/"
SecRuleUpdateTargetById 942470 "!REQUEST_COOKIES:/^_pk_ref/"
SecRuleUpdateTargetById 942480 "!REQUEST_COOKIES:/^_pk_ref/"