NgixProxy_Pathfinder/nginx/modsec/owasp-crs/rules/REQUEST-999-COMMON-EXCEPTIO...


# ------------------------------------------------------------------------
# OWASP CRS ver.4.24.0-dev
# Copyright (c) 2006-2020 Trustwave and contributors. All rights reserved.
# Copyright (c) 2021-2026 CRS project. All rights reserved.
#
# The OWASP CRS is distributed under
# Apache Software License (ASL) version 2
# Please see the enclosed LICENSE file for full details.
# ------------------------------------------------------------------------
# This file is used as an exception mechanism to remove common false positives
# that may be encountered. This file does not contain any runtime rule exclusions;
# it only uses configuration-time directives that modify rules which already exist,
# and so it must be loaded after all the request rules have been created.
# To have a standard order, please:
#
# 1. Keep all the exceptions that target the same cookie (or cookie regexp) together
# 2. Order them by rule id.
# 3. Add a blank line when the cookie/cookie regexp changes, so it shows visually
# Google Analytics Cookies
# Matches:
# _ga
# _ga_5WLQM4K1ZX
# The regexp is anchored at both ends: it matches the cookie name `_ga` exactly,
# or `_ga_` followed by one or more word characters, and nothing else.
# Each directive removes the matching cookies from the target list of the rule
# with the given id, so that rule no longer inspects their values. The ids fall
# in the CRS 932xxx (RCE), 941xxx (XSS) and 942xxx (SQLi) rule families.
# NOTE(review): cookie names and values are supplied by the client, so the
# exclusion applies to any request that uses one of these names. It is only
# safe where the protected application does not itself parse these cookies;
# confirm that for each backend behind this proxy.
SecRuleUpdateTargetById 932240 "!REQUEST_COOKIES:/^_ga(?:_\w+)?$/"
SecRuleUpdateTargetById 941100 "!REQUEST_COOKIES:/^_ga(?:_\w+)?$/"
SecRuleUpdateTargetById 942290 "!REQUEST_COOKIES:/^_ga(?:_\w+)?$/"
SecRuleUpdateTargetById 942421 "!REQUEST_COOKIES:/^_ga(?:_\w+)?$/"
SecRuleUpdateTargetById 942550 "!REQUEST_COOKIES:/^_ga(?:_\w+)?$/"
# Google Ads Cookie
# `__gads` is given as a literal cookie name (no /.../ regexp delimiters), so
# only that exact name is removed from the targets of the XSS (941xxx) and
# SQLi (942xxx) rules listed here.
# NOTE(review): the value of an excluded cookie is not inspected by these
# rules; confirm the backend does not read it.
SecRuleUpdateTargetById 941100 "!REQUEST_COOKIES:__gads"
SecRuleUpdateTargetById 942290 "!REQUEST_COOKIES:__gads"
SecRuleUpdateTargetById 942420 "!REQUEST_COOKIES:__gads"
SecRuleUpdateTargetById 942421 "!REQUEST_COOKIES:__gads"
SecRuleUpdateTargetById 942550 "!REQUEST_COOKIES:__gads"
# `__gpi` has no label of its own in this file; presumably it is grouped with
# the Google Ads cookie above -- TODO confirm. Literal name, two SQLi rules only.
SecRuleUpdateTargetById 942420 "!REQUEST_COOKIES:__gpi"
SecRuleUpdateTargetById 942421 "!REQUEST_COOKIES:__gpi"
# Google Funding Choices cookie
# Literal cookie name `FCCDCF`. It is removed from the targets of one XSS rule
# (941100) and seven SQLi rules (942xxx), which makes it one of the broader
# exclusions in this file.
# NOTE(review): because so many rules skip this cookie, verify that no backend
# behind this proxy consumes a cookie named FCCDCF.
SecRuleUpdateTargetById 941100 "!REQUEST_COOKIES:FCCDCF"
SecRuleUpdateTargetById 942290 "!REQUEST_COOKIES:FCCDCF"
SecRuleUpdateTargetById 942340 "!REQUEST_COOKIES:FCCDCF"
SecRuleUpdateTargetById 942370 "!REQUEST_COOKIES:FCCDCF"
SecRuleUpdateTargetById 942420 "!REQUEST_COOKIES:FCCDCF"
SecRuleUpdateTargetById 942421 "!REQUEST_COOKIES:FCCDCF"
SecRuleUpdateTargetById 942490 "!REQUEST_COOKIES:FCCDCF"
SecRuleUpdateTargetById 942550 "!REQUEST_COOKIES:FCCDCF"
# Security cookie for Google Ads
# Literal cookie name `__eoi`, removed from the targets of SQLi rules 942420
# and 942421 only.
SecRuleUpdateTargetById 942420 "!REQUEST_COOKIES:__eoi"
SecRuleUpdateTargetById 942421 "!REQUEST_COOKIES:__eoi"
# Google Analytics Funding Choices cookie
# Literal cookie name `FCNEC`, removed from the targets of four SQLi rules.
# All other rules still inspect this cookie.
SecRuleUpdateTargetById 942340 "!REQUEST_COOKIES:FCNEC"
SecRuleUpdateTargetById 942370 "!REQUEST_COOKIES:FCNEC"
SecRuleUpdateTargetById 942420 "!REQUEST_COOKIES:FCNEC"
SecRuleUpdateTargetById 942421 "!REQUEST_COOKIES:FCNEC"
# The four exclusions below each name one literal cookie and touch a single
# rule, 942421 (an SQLi-family rule). Every other rule keeps inspecting these
# cookies, so the loss of coverage is narrow.
# Prebid.js share cookie
SecRuleUpdateTargetById 942421 "!REQUEST_COOKIES:sharedid"
# Microsoft Clarity tracking cookie
SecRuleUpdateTargetById 942421 "!REQUEST_COOKIES:_clsk"
# Microsoft Clarity marketing cookie
SecRuleUpdateTargetById 942421 "!REQUEST_COOKIES:_clck"
# AWS Load balancer cookie
# NOTE(review): the label is the file's own; confirm which component actually
# sets `_awl` in this deployment before relying on the exclusion.
SecRuleUpdateTargetById 942421 "!REQUEST_COOKIES:_awl"
# Prebid.js Cookie
# Matches:
# pbjs-id5id
# The regexp is anchored at both ends and matches `pbjs-` followed by one or
# more word characters, so it covers a whole family of cookie names rather
# than a single one.
# The family is removed from the targets of one XSS rule (941100) and eight
# SQLi rules (942xxx).
# NOTE(review): any client can send a cookie whose name fits this pattern, and
# its value then skips all nine rules. Confirm that no backend behind this
# proxy reads `pbjs-*` cookies server-side.
SecRuleUpdateTargetById 941100 "!REQUEST_COOKIES:/^pbjs-\w+$/"
SecRuleUpdateTargetById 942200 "!REQUEST_COOKIES:/^pbjs-\w+$/"
SecRuleUpdateTargetById 942290 "!REQUEST_COOKIES:/^pbjs-\w+$/"
SecRuleUpdateTargetById 942340 "!REQUEST_COOKIES:/^pbjs-\w+$/"
SecRuleUpdateTargetById 942370 "!REQUEST_COOKIES:/^pbjs-\w+$/"
SecRuleUpdateTargetById 942420 "!REQUEST_COOKIES:/^pbjs-\w+$/"
SecRuleUpdateTargetById 942421 "!REQUEST_COOKIES:/^pbjs-\w+$/"
SecRuleUpdateTargetById 942490 "!REQUEST_COOKIES:/^pbjs-\w+$/"
SecRuleUpdateTargetById 942550 "!REQUEST_COOKIES:/^pbjs-\w+$/"
# Matomo Referer Cookie
# Unlike the other regexps in this file, this one is anchored only at the
# start (`^`) and has no `$`: every cookie whose name begins with `_pk_ref`
# is excluded, whatever follows. Presumably this is deliberate, to cover the
# per-site suffix Matomo appends to the name -- TODO confirm.
# The cookie is removed from the targets of three XSS rules (9413xx) and
# eleven SQLi rules (942xxx), the widest exclusion in this part of the file.
# NOTE(review): this is an open-ended name prefix across fourteen rules.
# Verify that no backend behind this proxy parses a cookie starting with
# `_pk_ref`, and consider a tighter, fully anchored pattern in a local
# override if the real cookie names in use are known.
SecRuleUpdateTargetById 941320 "!REQUEST_COOKIES:/^_pk_ref/"
SecRuleUpdateTargetById 941330 "!REQUEST_COOKIES:/^_pk_ref/"
SecRuleUpdateTargetById 941340 "!REQUEST_COOKIES:/^_pk_ref/"
SecRuleUpdateTargetById 942370 "!REQUEST_COOKIES:/^_pk_ref/"
SecRuleUpdateTargetById 942380 "!REQUEST_COOKIES:/^_pk_ref/"
SecRuleUpdateTargetById 942390 "!REQUEST_COOKIES:/^_pk_ref/"
SecRuleUpdateTargetById 942400 "!REQUEST_COOKIES:/^_pk_ref/"
SecRuleUpdateTargetById 942410 "!REQUEST_COOKIES:/^_pk_ref/"
SecRuleUpdateTargetById 942420 "!REQUEST_COOKIES:/^_pk_ref/"
SecRuleUpdateTargetById 942421 "!REQUEST_COOKIES:/^_pk_ref/"
SecRuleUpdateTargetById 942440 "!REQUEST_COOKIES:/^_pk_ref/"
SecRuleUpdateTargetById 942450 "!REQUEST_COOKIES:/^_pk_ref/"
SecRuleUpdateTargetById 942470 "!REQUEST_COOKIES:/^_pk_ref/"
SecRuleUpdateTargetById 942480 "!REQUEST_COOKIES:/^_pk_ref/"