Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Use new mechanism to disable plugin #4

Merged
merged 2 commits into from
Apr 22, 2022
+48 −0
Merged

Use new mechanism to disable plugin #4

Show file tree
Hide file tree
Changes from all commits
Commits
Show all changes
2 commits
Select commit Hold shift + click to select a range
ad2658e
Use new mechanism to disable plugin
theseion Apr 20, 2022
6f442a6
Fixed order in contributors file
theseion Apr 21, 2022
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
1 change: 1 addition & 0 deletions CONTRIBUTORS.md
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -2,5 +2,6 @@

- [Ervin Hegedus](https://github.com/airween)
- [Walter Hop](https://github.com/lifeforms)
- [Max Leske](https://github.com/theseion)
- [Jozef Sudolský](https://github.com/azurit)
- [Felipe Zipitría](https://github.com/fzipi)
4 changes: 4 additions & 0 deletions plugins/phpmyadmin-rule-exclusions-before.conf
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -16,6 +16,10 @@
# Documentation can be found here:
# https://github.com/coreruleset/phpmyadmin-rule-exclusions-plugin

# Generic rule to disable plugin
SecRule TX:phpmyadmin-rule-exclusions-plugin_enabled "@eq 0" "id:9513099,phase:1,pass,nolog,ctl:ruleRemoveById=9513100-9513999"


# Editing / copying a row - loading row data
SecRule REQUEST_FILENAME "@endsWith /tbl_change.php" \
"id:9513100,\
Expand Down
43 changes: 43 additions & 0 deletions plugins/phpmyadmin-rule-exclusions-config.conf
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -0,0 +1,43 @@
# ------------------------------------------------------------------------
# OWASP ModSecurity Core Rule Set Plugin
# Copyright (c) 2021-2022 Core Rule Set project. All rights reserved.
#
# The OWASP ModSecurity Core Rule Set plugins are distributed under
# Apache Software License (ASL) version 2
# Please see the enclosed LICENSE file for full details.
# ------------------------------------------------------------------------

# OWASP CRS Plugin
# Plugin name: phpmyadmin-rule-exclusions
# Plugin description:
# Rule ID block base: 9,513,000 - 9,513,999
# Plugin version: 1.0.0

# Documentation can be found here:
# https://github.com/coreruleset/phpmyadmin-rule-exclusions-plugin

# Generic rule to disable the plugin
#
# Plugins are enabled by default.
#
# They become active by placing them in the plugin folder. It is possible to
# control plugin activation via setting a variable. This can be done in the
# plugin config file here.
#
# The predefined variable name is meant to be "<plugin name>-plugin_enabled".
# For the phpmyadmin-rule-exclusions-plugin, this means it can be disabled by setting
# tx.phpmyadmin-rule-exclusions-plugin_enabled=0.
#
# Note that a global setting of this variable overrides the setting here.
# That means the "enabled" variable is only set by this rule if it has not
# been set before.
#
# Feel free to set the variable unconditionally here by replacing the
# SecRule line with an unconditional SecAction statement.
#
#SecRule &TX:phpmyadmin-rule-exclusions-plugin_enabled "@eq 0" \
# "id:9513010,\
# phase:1,\
# pass,\
# nolog,\
# setvar:'tx.phpmyadmin-rule-exclusions-plugin_enabled=0'"