Testing User Enumeration Block

ministryofjustice · Dec 5, 2024 · f5f6a7a · f5f6a7a
1 parent 19ecb37
commit f5f6a7a
Showing 1 changed file with 24 additions and 0 deletions.
diff --git a/helm_deploy/wordpress/templates/ingress.yaml b/helm_deploy/wordpress/templates/ingress.yaml
@@ -25,6 +25,30 @@ metadata:
         tag:github_team=hale-platform,\
         tag:environment=hale-platform-{{ .Values.configmap.envtype }}-auth,\
         ctl:ruleEngine=DetectionOnly"
+      # WordPress User enumeration blocking author query string
+      SecRule ARGS:author "@rx ^([0-9]+|{num:[0-9]+)$" 
+        "id:1002,\
+        phase:2,\
+        t:none,\
+        deny,\
+        status:444,\
+        msg:Blocking Author Enumeration Query String"
+      # WordPress User Enumeration author page pretty link
+      SecRule REQUEST_URI "@streq /author/" 
+        "id:1003,\
+        phase:2,\
+        t:none,\
+        deny,\
+        status:444,\
+        msg:Blocking Author Enumeration Pretty Link"
+      # WordPress REST API User Enumeration
+      SecRule REQUEST_URI "@streq /wp-json/wp/v2/users" 
+        "id:1004,\
+        phase:2,\
+        t:none,\
+        deny,\
+        status:444,\
+        msg:Blocking REST API User Enumeration"
     nginx.ingress.kubernetes.io/server-snippet: |
       location = /.well-known/security.txt {
         auth_basic off;