D7net
Home
Console
Upload
information
Create File
Create Folder
About
Tools
:
/
etc
/
apache2
/
conf.d
/
modsec2
/
Filename :
updraftplus.conf
back
Copy
# CVE-2022-0633, UpdraftPlus (WP plugin) backup download vuln. See: # https://www.wordfence.com/blog/2022/02/vulnerability-in-updraftplus-allowed-subscribers-to-download-sensitive-backups/ # https://jetpack.com/2022/02/17/severe-vulnerability-fixed-in-updraftplus-1-22-3/ SecRule REQUEST_URI "\n/wp-admin/options-general.php" \ "id:5000324,\ phase:2,\ t:lowercase,\ t:urldecode,\ t:normalisePath,\ deny,\ auditlog,\ msg:'CVE-2022-0633 wordpress updraftplus',\ logdata:'Matched Data: %{MATCHED_VAR} found within %{MATCHED_VAR_NAME}'"