View file File name : REQUEST-905-COMMON-EXCEPTIONS.conf Content :# ------------------------------------------------------------------------ # OWASP CRS ver.4.7.0-dev # Copyright (c) 2006-2020 Trustwave and contributors. All rights reserved. # Copyright (c) 2021-2024 CRS project. All rights reserved. # # The OWASP CRS is distributed under # Apache Software License (ASL) version 2 # Please see the enclosed LICENSE file for full details. # ------------------------------------------------------------------------ # This file is used as an exception mechanism to remove common false positives # that may be encountered. # # Exception for Apache SSL pinger # SecRule REQUEST_LINE "@streq GET /" \ "id:905100,\ phase:1,\ pass,\ t:none,\ nolog,\ tag:'application-multi',\ tag:'language-multi',\ tag:'platform-apache',\ tag:'attack-generic',\ tag:'OWASP_CRS',\ ver:'OWASP_CRS/4.7.0-dev',\ chain" SecRule REMOTE_ADDR "@ipMatch 127.0.0.1,::1" \ "t:none,\ ctl:ruleRemoveByTag=OWASP_CRS,\ ctl:auditEngine=Off" # # Exception for Apache internal dummy connection # SecRule REMOTE_ADDR "@ipMatch 127.0.0.1,::1" \ "id:905110,\ phase:1,\ pass,\ t:none,\ nolog,\ tag:'application-multi',\ tag:'language-multi',\ tag:'platform-apache',\ tag:'attack-generic',\ tag:'OWASP_CRS',\ ver:'OWASP_CRS/4.7.0-dev',\ chain" SecRule REQUEST_HEADERS:User-Agent "@endsWith (internal dummy connection)" \ "t:none,\ chain" SecRule REQUEST_LINE "@rx ^(?:GET /|OPTIONS \*) HTTP/[12]\.[01]$" \ "t:none,\ ctl:ruleRemoveByTag=OWASP_CRS,\ ctl:auditEngine=Off"