From cff260c2b4bb00cad1f2bd40f12461ffed927c91 Mon Sep 17 00:00:00 2001 From: Thibault Koechlin Date: Mon, 4 May 2026 15:13:06 +0200 Subject: [PATCH 1/3] oauth2 crs exclusion plugin --- .../crs-exclusion-plugin-google-oauth2.md | 3 +++ .../crs-exclusion-plugin-google-oauth2.yaml | 11 +++++++++++ 2 files changed, 14 insertions(+) create mode 100644 appsec-rules/crowdsecurity/crs-exclusion-plugin-google-oauth2.md create mode 100644 appsec-rules/crowdsecurity/crs-exclusion-plugin-google-oauth2.yaml diff --git a/appsec-rules/crowdsecurity/crs-exclusion-plugin-google-oauth2.md b/appsec-rules/crowdsecurity/crs-exclusion-plugin-google-oauth2.md new file mode 100644 index 00000000000..b1dbc178beb --- /dev/null +++ b/appsec-rules/crowdsecurity/crs-exclusion-plugin-google-oauth2.md @@ -0,0 +1,3 @@ +This appsec-rule contains the google oauth2 CRS rule exclusion plugin. + +It only contains datafiles that are included by the CRS appsec-rule, so installing it without having the CRS collection will do nothing. diff --git a/appsec-rules/crowdsecurity/crs-exclusion-plugin-google-oauth2.yaml b/appsec-rules/crowdsecurity/crs-exclusion-plugin-google-oauth2.yaml new file mode 100644 index 00000000000..e485d9f91fe --- /dev/null +++ b/appsec-rules/crowdsecurity/crs-exclusion-plugin-google-oauth2.yaml @@ -0,0 +1,11 @@ +name: crowdsecurity/crs-exclusion-plugin-cpanel + +# This appsec-rule is only here to make crowdsec download the datafiles, inclusion is done by the CRS appsec-rules + +data: + - source_url: https://hub-data.crowdsec.net/appsec/crs-plugins/cpanel-rule-exclusions-plugin/cpanel-rule-exclusions-before.conf + dest_file: crs-plugins/cpanel/cpanel-rule-exclusions-before.conf + type: modsec + - source_url: https://hub-data.crowdsec.net/appsec/crs-plugins/cpanel-rule-exclusions-plugin/cpanel-rule-exclusions-config.conf + dest_file: crs-plugins/cpanel/cpanel-rule-exclusions-config.conf + type: modsec \ No newline at end of file From e9a1fb308b50b027ba50e4438d1691ef9933e237 Mon Sep 17 00:00:00 2001 From: Thibault Koechlin Date: Mon, 4 May 2026 15:22:14 +0200 Subject: [PATCH 2/3] filepathh --- .../crs-exclusion-plugin-google-oauth2.yaml | 10 +++++----- 1 file changed, 5 insertions(+), 5 deletions(-) diff --git a/appsec-rules/crowdsecurity/crs-exclusion-plugin-google-oauth2.yaml b/appsec-rules/crowdsecurity/crs-exclusion-plugin-google-oauth2.yaml index e485d9f91fe..5a620779d8f 100644 --- a/appsec-rules/crowdsecurity/crs-exclusion-plugin-google-oauth2.yaml +++ b/appsec-rules/crowdsecurity/crs-exclusion-plugin-google-oauth2.yaml @@ -1,11 +1,11 @@ -name: crowdsecurity/crs-exclusion-plugin-cpanel +name: crowdsecurity/crs-exclusion-plugin-google-oauth2 # This appsec-rule is only here to make crowdsec download the datafiles, inclusion is done by the CRS appsec-rules data: - - source_url: https://hub-data.crowdsec.net/appsec/crs-plugins/cpanel-rule-exclusions-plugin/cpanel-rule-exclusions-before.conf - dest_file: crs-plugins/cpanel/cpanel-rule-exclusions-before.conf + - source_url: https://hub-data.crowdsec.net/appsec/crs-plugins/google-oauth2-exclusion-plugin/google-oauth2-before.conf + dest_file: crs-plugins/google-oauth2/google-oauth2-before.conf type: modsec - - source_url: https://hub-data.crowdsec.net/appsec/crs-plugins/cpanel-rule-exclusions-plugin/cpanel-rule-exclusions-config.conf - dest_file: crs-plugins/cpanel/cpanel-rule-exclusions-config.conf + - source_url: https://hub-data.crowdsec.net/appsec/crs-plugins/google-oauth2-exclusion-plugin/google-oauth2-config.conf + dest_file: crs-plugins/google-oauth2/google-oauth2-config.conf type: modsec \ No newline at end of file From 54899a7ba02fd0bd5e40c0e62fe6f8c0d33b8928 Mon Sep 17 00:00:00 2001 From: "Thibault \"bui\" Koechlin" Date: Tue, 5 May 2026 15:48:49 +0200 Subject: [PATCH 3/3] Potential fix for pull request finding Co-authored-by: Copilot Autofix powered by AI <175728472+Copilot@users.noreply.github.com> --- .../crowdsecurity/crs-exclusion-plugin-google-oauth2.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/appsec-rules/crowdsecurity/crs-exclusion-plugin-google-oauth2.md b/appsec-rules/crowdsecurity/crs-exclusion-plugin-google-oauth2.md index b1dbc178beb..bc1ac509725 100644 --- a/appsec-rules/crowdsecurity/crs-exclusion-plugin-google-oauth2.md +++ b/appsec-rules/crowdsecurity/crs-exclusion-plugin-google-oauth2.md @@ -1,3 +1,3 @@ -This appsec-rule contains the google oauth2 CRS rule exclusion plugin. +This appsec-rule contains the Google OAuth2 CRS rule exclusion plugin. It only contains datafiles that are included by the CRS appsec-rule, so installing it without having the CRS collection will do nothing.