JesseBot @jessebot@social.smallhack.org
Public

Does anyone know of a public set of ModSecurity exceptions for the fediverse/ActivityPub I can take a look at? I'm setting it up for GoToSocial and Mastodon now and manually doing this is pain.

Update, @cloudymax and I started a plugin here:
https://github.com/small-hack/argocd-apps/blob/2b7995c6fae5ecbb3944c6c6f4b139d98b76e67f/ingress-nginx/modsecurity_plugins_configmap.yaml#L177

Still happy to collaborate on it, but also wanted to note there was a mention a year ago about making an ActivityPub plugin over at the OWASP CRS repo, so maybe we could donate to that if its ever created:
https://github.com/coreruleset/coreruleset/issues/3497#issuecomment-1902181156

#WAF #modsecurity #nginx #apache #firewall #webApplicationFirewall #mastodon #gotosocial #activitypub

Common Argo CD templates we use for self hosted cloud stuff. We're still working towards full stability, but feel free to take things or ask questions :) - small-hack/argocd-apps

argocd-apps/ingress-nginx/modsecurity_plugins_configmap.yaml at 2b7995c6fae5ecbb3944c6c6f4b139d98b76e67f · small-hack/argocd-apps

Common Argo CD templates we use for self hosted cloud stuff. We're still working towards full stability, but feel free to take things or ask questions :) - small-hack/argocd-apps

github.com · GitHub

0
1
0

If you have a fediverse account, you can quote this note from your own instance. Search https://social.smallhack.org/users/jessebot/statuses/01K3ZXWQ060M3SDKCRSNETKMT4 on your instance and quote it. (Note that quoting is not supported in Mastodon.)