Reprioritised rules

helm_deploy/wordpress/templates/ingress.yaml

@@ -16,39 +16,39 @@ metadata:
         log,\
         tag:github_team=hale-platform,\
         tag:environment=hale-platform-{{ .Values.configmap.envtype }}"
-      # Set WAF Config for Authenticated Users
-      SecRule REQUEST_HEADERS:Cookie "@contains WB_CONFIG={{ .Values.secrets.wbconfig }}"
-        "id:1001,\
-        phase:2,\
-        allow,\
-        nolog,\
-        tag:github_team=hale-platform,\
-        tag:environment=hale-platform-{{ .Values.configmap.envtype }}-auth,\
-        ctl:ruleEngine=DetectionOnly"
       # WordPress User enumeration blocking author query string
       SecRule ARGS:author "@rx ^([0-9]+|{num:[0-9]+)$" 
-        "id:1002,\
+        "id:1001,\
         phase:2,\
         t:none,\
         deny,\
         status:444,\
         msg:Blocking Author Enumeration Query String"
       # WordPress User Enumeration author page pretty link
       SecRule REQUEST_URI "@streq /author/" 
-        "id:1003,\
+        "id:1002,\
         phase:2,\
         t:none,\
         deny,\
         status:444,\
         msg:Blocking Author Enumeration Pretty Link"
       # WordPress REST API User Enumeration
       SecRule REQUEST_URI "@streq /wp-json/wp/v2/users" 
-        "id:1004,\
+        "id:1003,\
         phase:2,\
         t:none,\
         deny,\
         status:444,\
         msg:Blocking REST API User Enumeration"
+      # Set WAF Config for Authenticated Users
+      SecRule REQUEST_HEADERS:Cookie "@contains WB_CONFIG={{ .Values.secrets.wbconfig }}"
+        "id:1004,\
+        phase:2,\
+        allow,\
+        nolog,\
+        tag:github_team=hale-platform,\
+        tag:environment=hale-platform-{{ .Values.configmap.envtype }}-auth,\
+        ctl:ruleEngine=DetectionOnly"
     nginx.ingress.kubernetes.io/server-snippet: |
       location = /.well-known/security.txt {
         auth_basic off;