# ModSecurity exceptions file for Zabbix (UPDATED)
# --------------------------------------------------------------------------
# Zabbix Web Interface Protection
# --------------------------------------------------------------------------
# REMOVED: zabbix.php whitelist. The UI should be protected by WAF.
# REMOVED: api_jsonrpc.php whitelist. This should only be accessed via VPN
# (covered by Global Internal Network rule 10000).
# --------------------------------------------------------------------------
# Dashboard Noise Reduction
# --------------------------------------------------------------------------
# Allows jsrpc.php which handles some background AJAX for the dashboard.
# If this exemption raises security concerns it can be removed, but without it jsrpc.php usually generates false positives.
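# NOTE(review): REQUEST_URI includes the query string, so "@streq /jsrpc.php"
# matches only a request for exactly that URI with no parameters. The path also
# lacks the /zabbix/ prefix used by rule 10005 in this file; confirm which path
# the frontend is actually served under.
# NOTE(review): ctl:ruleEngine=Off skips every later rule for the matching
# transaction and nolog suppresses the log entry for this match, so a matching
# request gets no WAF inspection at all. Once the rule IDs behind the false
# positives are known from the audit log, prefer excluding only those IDs with
# ctl:ruleRemoveById (the approach rule 10005 takes) over disabling the engine.
SecRule REQUEST_URI "@streq /jsrpc.php" \
    "id:10004,phase:1,pass,nolog,ctl:ruleEngine=Off"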
# --------------------------------------------------------------------------
# Host Discovery
# --------------------------------------------------------------------------
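# NOTE(review): 9XXXXX and 9YYYYY are placeholders, not rule IDs. Replace them
# with the numeric IDs of the rules that actually fire on host_discovery.php
# (taken from the audit log) before loading this file. As written the
# exclusions presumably either remove nothing or are rejected at load time,
# depending on the ModSecurity version; verify.
# "@beginsWith" matches any URI that starts with this path, so the query string
# and any longer path sharing the prefix are covered by the exclusion as well.
SecRule REQUEST_URI "@beginsWith /zabbix/host_discovery.php" \
    "id:10005,phase:1,pass,nolog,ctl:ruleRemoveById=9XXXXX,ctl:ruleRemoveById=9YYYYY"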