feat: fixing FP related to comments (#40)

azurit · web-flow · commit 71af7d8e5ed3 · 2024-04-27T00:33:48.000+10:00
* fixing FP

* Update wordpress-rule-exclusions-before.conf
diff --git a/plugins/wordpress-rule-exclusions-before.conf b/plugins/wordpress-rule-exclusions-before.conf
@@ -97,8 +97,8 @@ SecRule REQUEST_FILENAME "@endsWith /wp-comments-post.php" \
     ver:'wordpress-rule-exclusions-plugin/1.0.1'"
 
 SecRule REQUEST_FILENAME "@endsWith /wp-admin/comment.php" \
-    "id:9507170,\
-    phase:2,\
+    "id:9507131,\
+    phase:1,\
     pass,\
     t:none,\
     nolog,\
@@ -108,6 +108,22 @@ SecRule REQUEST_FILENAME "@endsWith /wp-admin/comment.php" \
     ctl:ruleRemoveTargetByTag=OWASP_CRS;ARGS:newcomment_author,\
     ver:'wordpress-rule-exclusions-plugin/1.0.1'"
 
+# Replying to a comment
+SecRule REQUEST_FILENAME "@endsWith /wp-admin/admin-ajax.php" \
+    "id:9507132,\
+    phase:2,\
+    pass,\
+    t:none,\
+    nolog,\
+    ver:'wordpress-rule-exclusions-plugin/1.0.1',\
+    chain"
+    SecRule ARGS:action "@streq replyto-comment" \
+        "t:none,\
+        chain"
+        SecRule &ARGS:action "@eq 1" \
+            "t:none,\
+            ctl:ruleRemoveTargetByTag=OWASP_CRS;ARGS:content"
+
 
 #
 # [ Gutenberg Editor ]
