gcch/haiku-atelier-2024
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions

wip avec résolution de conflits

Browse source
This commit is contained in:
gcch 2026-02-27 14:38:50 +01:00
commit ef19ba2b72
208 changed files with 178625 additions and 192002 deletions
Download patch file Download diff file Expand all files Collapse all files

1
.gitignore vendored
View file

@ -60,6 +60,7 @@ containers/conf/angie/modules-available
containers/conf/angie/modules-enabled
containers/conf/angie/scripts
containers/conf/angie/snippets
containers/conf/angie/http-waf
# Formateurs
.php-cs-fixer.cache

2
.npmrc
View file

@ -1,2 +0,0 @@
# Nécessaire pour better-typescript-lib
public-hoist-pattern[]=@typescript/*

38
.oxlintrc.json
View file

@ -1,38 +0,0 @@
{
"$schema": "./node_modules/oxlint/configuration_schema.json",
"env": { "browser": true, "es2020": true, "es2022": true },
"categories": {
"correctness": "error",
"nursery": "error",
"pedantic": "error",
"perf": "warn",
"restriction": "error",
"style": "warn",
"suspicious": "error"
},
"plugins": ["jsdoc", "promise", "unicorn", "jsdoc", "oxc", "promise", "typescript", "unicorn"],
"rules": {
"import/export": "error",
"no-array-for-each": "off",
"no-async-await": "off",
"no-console": "off",
"no-magic-numbers": "warn",
"no-map-spread": "off",
"no-misused-promises": "off",
"no-optional-chaining": "off",
"no-rest-spread-properties": "off",
"no-ternary": "off",
"no-undefined": "off",
"no-unused-expressions": "off",
"no-void": "off",
"prefer-await-to-then": "off",
"promise/prefer-await-to-callbacks": "off",
"sort-imports": "off",
"typescript/array-type": ["error", { "default": "generic", "readonly": "generic" }],
"typescript/consistent-indexed-object-style": ["error", "record"],
"typescript/consistent-type-imports": "error",
"typescript/explicit-function-return-type": "warn",
"unicorn/prefer-dom-node-dataset": "off",
"yoda": ["error", "never"]
}
}

28
.php-cs-fixer.dist.php
View file

@ -1,4 +1,6 @@
<?php declare(strict_types=1);
<?php
declare(strict_types=1);
use PhpCsFixer\Config;
use PhpCsFixer\Finder;
@ -10,7 +12,7 @@ $finder = new Finder()->in(__DIR__)->exclude([
'web/wp',
'web/app/languages',
'web/app/plugins',
'web/app/mu-plugins',
'web/app/mu-plugins'
]);
return new Config()
@ -27,7 +29,7 @@ return new Config()
'const' => 'none',
'method' => 'one',
'property' => 'one',
'trait_import' => 'none',
'trait_import' => 'none'
]],
'class_reference_name_casing' => true,
'clean_namespace' => true,
@ -71,11 +73,7 @@ return new Config()
'multiline_comment_opening_closing' => true,
'native_constant_invocation' => true,
'native_function_casing' => true,
'native_function_invocation' => [
'include' => ['@compiler_optimized'],
'scope' => 'namespaced',
'strict' => true,
],
'native_function_invocation' => ['include' => ['@compiler_optimized'], 'scope' => 'namespaced', 'strict' => true],
'native_type_declaration_casing' => true,
'new_expression_parentheses' => true,
'no_alias_functions' => ['sets' => ['@all']],
@ -105,7 +103,7 @@ return new Config()
'return',
'switch_case',
'yield',
'yield_from',
'yield_from'
]],
'no_unneeded_final_method' => true,
'no_unneeded_import_alias' => true,
@ -140,7 +138,7 @@ return new Config()
'random_api_migration' => ['replacements' => [
'getrandmax' => 'mt_getrandmax',
'rand' => 'mt_rand',
'srand' => 'mt_srand',
'srand' => 'mt_srand'
]],
'return_assignment' => true,
'self_accessor' => true,
@ -179,7 +177,7 @@ return new Config()
'no_superfluous_phpdoc_tags' => [
'allow_hidden_params' => false,
'allow_mixed' => false,
'allow_unused_params' => false,
'allow_unused_params' => false
],
// PHPDoc should contain @param for all params.
'phpdoc_add_missing_param_annotation' => ['only_untyped' => false],
@ -225,7 +223,7 @@ return new Config()
'never-returns',
'no-return',
'real',
'str',
'str'
]],
// Annotations in PHPDoc should be grouped together so that annotations of the same type immediately follow each other. Annotations of a different type are separated by a single blank line.
'phpdoc_separation' => [
@ -234,9 +232,9 @@ return new Config()
['author', 'copyright', 'license'],
['category', 'package', 'subpackage'],
['property', 'property-read', 'property-write'],
['deprecated', 'link', 'see', 'since'],
['deprecated', 'link', 'see', 'since']
],
'skip_unlisted_annotations' => false,
'skip_unlisted_annotations' => false
],
// Single line @var PHPDoc should have proper spacing.
'phpdoc_single_line_var_spacing' => true,
@ -255,7 +253,7 @@ return new Config()
// @var and @type annotations must have type and name in the correct order.
'phpdoc_var_annotation_correct_order' => true,
// @var and @type annotations of classy properties should not contain the name.
'phpdoc_var_without_name' => true,
'phpdoc_var_without_name' => true
])
->setFinder($finder)
->setParallelConfig(Runner\Parallel\ParallelConfigFactory::detect());

29
.prettierignore
View file

@ -1,29 +0,0 @@
# Tout ce qui est traité par dprint
*.css
*.html
*.js
*.json
!package.json
*.jsonc
*.md
*.scss
*.ts
*.twig
*.yml
*.yaml
# Tout sauf le thème
.ddev
web/app/*
!web/app/themes
web/app/themes/haiku-atelier-2024/assets
web/app/languages
web/app/plugins
web/vendor
# Dépendances
composer.lock
pnpm-lock.yaml
# Jujutsu
.jj

31
.swcrc
View file

@ -1,31 +0,0 @@
{
"$schema": "https://swc.rs/schema.json",
"jsc": {
"externalHelpers": false,
"keepClassNames": false,
"loose": false,
"minify": {
"compress": true,
"mangle": true
},
"parser": {
"decorators": false,
"decoratorsBeforeExport": false,
"dynamicImport": false,
"exportDefaultFrom": false,
"exportNamespaceFrom": false,
"functionBind": false,
"importMeta": false,
"jsx": false,
"privateMethod": false,
"syntax": "typescript",
"topLevelAwait": false,
"tsx": false
},
"preserveAllComments": false,
"target": "es2020",
"transform": null
},
"minify": true,
"sourceMaps": true
}

17
.zed/haa.txt
View file

@ -1,17 +0,0 @@
// {
// "languages": {
// "PHP": {
// "format_on_save": "on",
// "formatter": {
// "external": {
// "command": "mago",
// "arguments": ["format", "--stdin-input"] // "command": "bash",
// // "arguments": [
// // "-c",
// // "cat > /tmp/zed_php_cs_fixer && ./vendor/bin/php-cs-fixer fix --using-cache=no --quiet /tmp/zed_php_cs_fixer && cat /tmp/zed_php_cs_fixer"
// // ]
// }
// }
// }
// }
// }

7
.zed/settings.json
View file

@ -11,7 +11,12 @@
"languages": {
"PHP": {
"format_on_save": "on",
"formatter": { "external": { "command": "mago", "arguments": ["format", "--stdin-input"] } }
"formatter": {
"external": {
"command": "mago",
"arguments": ["format", "--stdin-input"]
}
}
}
}
}

17
README.md
View file

@ -2,6 +2,23 @@
## Dépendances
### JavaScript et TypeScript
#### Dépendances
- Effect
- a11y-dialog
- lit-html
#### Dépendances de développement
- ESLint
- Oxlint
- Prettier
- SASS
- Stylelint
- Vite
### PHP
#### Dépendances

48
biome.json
View file

@ -1,48 +0,0 @@
{
"$schema": "https://biomejs.dev/schemas/2.0.4/schema.json",
"assist": { "enabled": false },
"css": { "formatter": { "enabled": false }, "linter": { "enabled": true } },
"files": {
"experimentalScannerIgnores": [
"*.min.js",
"vendor",
"web/app/plugins",
"web/app/themes/haiku-atelier-2024/assets",
"web/wp"
],
"ignoreUnknown": true,
"maxSize": 100000000
},
"formatter": { "enabled": false },
"graphql": { "formatter": { "enabled": false }, "linter": { "enabled": true } },
"json": { "formatter": { "enabled": false }, "linter": { "enabled": true } },
"linter": {
"enabled": false,
"rules": {
"complexity": { "noForEach": "off" },
"nursery": {
"recommended": true,
"useSortedClasses": {
"fix": "unsafe",
"level": "error",
"options": { "attributes": ["class"], "functions": [""] }
}
},
"recommended": true,
"style": {
"noInferrableTypes": "error",
"noNonNullAssertion": "off",
"noParameterAssign": "error",
"noUnusedTemplateLiteral": "error",
"noUselessElse": "error",
"recommended": true,
"useAsConstAssertion": "error",
"useDefaultParameterLast": "error",
"useEnumInitializers": "error",
"useNumberNamespace": "error",
"useSelfClosingElements": "error",
"useSingleVarDeclarator": "error"
}
}
}
}

1716
bun.lock
View file

File diff suppressed because it is too large Load diff

0
eslint.config.js → cfg/eslint.config.ts
View file

11
playwright.config.ts → cfg/playwright.config.ts
View file

@ -1,16 +1,5 @@
import { defineConfig, devices } from "@playwright/test";
/**
* Read environment variables from file.
* https://github.com/motdotla/dotenv
*/
// import dotenv from 'dotenv';
// import path from 'path';
// dotenv.config({ path: path.resolve(__dirname, '.env') });
/**
* See https://playwright.dev/docs/test-configuration.
*/
export default defineConfig({
testDir: "./tests",
/* Run tests in files in parallel */

7
cfg/prettier.config.ts Executable file
View file

@ -0,0 +1,7 @@
import { configClassique } from "@gcch/configuration-prettier";
const config = {
...configClassique,
};
export default config;

37
cfg/prettierignore Executable file
View file

@ -0,0 +1,37 @@
# Tout ce qui est traité par dprint
*.css
*.html
*.js
*.md
*.mjs
*.mts
*.php
*.scss
*.ts
*.xml
*.yaml
*.yml
!package.json
# Cache
.cache
# Tout sauf le thème
**/vendor
**/web/app/languages
**/web/app/mu-plugins
**/web/app/plugins
**/web/app/themes/haiku-atelier-2024/assets
**/web/app/themes/twentytwentyfour
**/web/app/uploads
**/web/wp
# Dépendances
composer.lock
bun.lock
# Jujutsu
.jj/
# Zed
.zed/

2
stylelint.config.js → cfg/stylelint.config.ts
View file

@ -7,7 +7,7 @@ const groupesProprietes = Array.from(/** @type {GroupeProprietes} */ propertyGro
/** @import { StylelintConfigCleanOrderPropertyGroup } from "./lib/stylelint" */
/** @type {Array<StylelintConfigCleanOrderPropertyGroup>} */
const ordreProprietes = groupesProprietes.map(properties => ({
const ordreProprietes = groupesProprietes.map((properties) => ({
emptyLineBefore: "never",
noEmptyLineBetween: true,
properties,

20
vite.config.ts → cfg/vite.config.ts
View file

@ -1,8 +1,7 @@
import { fdir, PathsOutput } from "fdir";
import type { PathsOutput } from "fdir";
import { fdir } from "fdir";
import process from "node:process";
import * as v from "valibot";
import { defineConfig, loadEnv } from "vite";
import valibot from "vite-plugin-valibot-env";
const SLUG_THEME = "haiku-atelier-2024";
const SRC_TYPESCRIPT_PATHS: Promise<PathsOutput> = new fdir()
@ -13,24 +12,12 @@ const SRC_TYPESCRIPT_PATHS: Promise<PathsOutput> = new fdir()
.withPromise();
const PATHS = await SRC_TYPESCRIPT_PATHS;
// Voir le fichier vite.env.d.ts.
const SCHEMA_ENVIRONNEMENT = v.object({
VITE_GLITCHTIP_NSD: v.pipe(v.string(), v.url(), v.readonly()),
VITE_MODE: v.pipe(v.string(), v.readonly()),
VITE_URL: v.pipe(v.string(), v.nonEmpty(), v.url(), v.readonly()),
});
const basePlugins = [
// Permet de valider les variables d'environnements définies à partir d'un schéma Valibot
valibot(SCHEMA_ENVIRONNEMENT),
];
export default defineConfig(({ mode }) => {
const env = loadEnv(mode, process.cwd(), "VITE");
console.debug(env);
return {
base: "/",
cacheDir: ".cache/vite",
build: {
assetsDir: ".",
cssMinify: "lightningcss",
@ -58,6 +45,5 @@ export default defineConfig(({ mode }) => {
transformer: "lightningcss",
},
mode: env["VITE_MODE"] ?? "production",
plugins: [...basePlugins],
};
});

1
compose.yaml
View file

@ -45,6 +45,7 @@ services:
restart: "on-failure:3"
volumes:
- "./containers/conf/angie:/etc/angie:rw"
# - "./containers/conf/angie-2:/etc/angie:rw"
- "./containers/data/certs:/etc/angie/ssl:ro"
- "./containers/data/angie/logs:/var/log/angie:rw"
- "./:/var/www/wordpress:rw"

24
composer.json
View file

@ -1,8 +1,20 @@
{
"autoload": { "psr-4": { "HaikuAtelier\\": "web/app/themes/haiku-atelier-2024/src/inc/" } },
"autoload": {
"psr-4": {
"HaikuAtelier\\": "web/app/themes/haiku-atelier-2024/src/inc/"
}
},
"authors": [
{ "email": "scott.walkinshaw@gmail.com", "homepage": "https://github.com/swalkinshaw", "name": "Scott Walkinshaw" },
{ "email": "ben@benword.com", "homepage": "https://github.com/retlehs", "name": "Ben Word" }
{
"email": "scott.walkinshaw@gmail.com",
"homepage": "https://github.com/swalkinshaw",
"name": "Scott Walkinshaw"
},
{
"email": "ben@benword.com",
"homepage": "https://github.com/retlehs",
"name": "Ben Word"
}
],
"config": {
"allow-plugins": {
@ -33,7 +45,11 @@
"name": "roots/bedrock",
"prefer-stable": true,
"repositories": [
{ "only": ["wpackagist-plugin/*", "wpackagist-theme/*"], "type": "composer", "url": "https://wpackagist.org" }
{
"only": ["wpackagist-plugin/*", "wpackagist-theme/*"],
"type": "composer",
"url": "https://wpackagist.org"
}
],
"require": {
"php": ">=8.5",

7441
composer.lock generated
View file

File diff suppressed because it is too large Load diff

27
config/application.php
View file

@ -11,10 +11,10 @@
declare(strict_types=1);
use function Env\env;
use Roots\WPConfig\Config;
use function Env\env;
// USE_ENV_ARRAY + CONVERT_* + STRIP_QUOTES
Env\Env::$options = 31;
@ -30,17 +30,14 @@ $root_dir = dirname(__DIR__);
*
* @var string
*/
$webroot_dir = $root_dir.'/web';
$webroot_dir = $root_dir . '/web';
/*
* Use Dotenv to set required environment variables and load .env file in root
* .env.local will override .env if it exists
*/
if (file_exists($root_dir.'/.env')) {
$env_files = file_exists($root_dir.'/.env.local') ? [
'.env',
'.env.local',
] : ['.env'];
if (file_exists($root_dir . '/.env')) {
$env_files = file_exists($root_dir . '/.env.local') ? ['.env', '.env.local'] : ['.env'];
$dotenv = Dotenv\Dotenv::createImmutable($root_dir, $env_files, false);
@ -69,12 +66,12 @@ Config::define('WP_SITEURL', env('WP_SITEURL'));
// Custom Content Directory
Config::define('CONTENT_DIR', '/app');
Config::define('WP_CONTENT_DIR', $webroot_dir.Config::get('CONTENT_DIR'));
Config::define('WP_CONTENT_URL', Config::get('WP_HOME').Config::get('CONTENT_DIR'));
Config::define('WP_CONTENT_DIR', $webroot_dir . Config::get('CONTENT_DIR'));
Config::define('WP_CONTENT_URL', Config::get('WP_HOME') . Config::get('CONTENT_DIR'));
// DB settings
if (env('DB_SSL')) {
Config::define('MYSQL_CLIENT_FLAGS', \MYSQLI_CLIENT_SSL);
Config::define('MYSQL_CLIENT_FLAGS', MYSQLI_CLIENT_SSL);
}
Config::define('DB_NAME', env('DB_NAME'));
@ -124,8 +121,8 @@ Config::define('SCRIPT_DEBUG', false);
ini_set('display_errors', '0');
// Plugins
Config::define('WPMU_PLUGIN_DIR', Config::get('WP_CONTENT_DIR').'/mu-plugins');
Config::define('WP_PLUGIN_DIR', Config::get('WP_CONTENT_DIR').'/plugins');
Config::define('WPMU_PLUGIN_DIR', Config::get('WP_CONTENT_DIR') . '/mu-plugins');
Config::define('WP_PLUGIN_DIR', Config::get('WP_CONTENT_DIR') . '/plugins');
/*
* Allow WordPress to detect HTTPS when used behind a reverse proxy or a load balancer
@ -135,7 +132,7 @@ if (isset($_SERVER['HTTP_X_FORWARDED_PROTO']) && 'https' === $_SERVER['HTTP_X_FO
$_SERVER['HTTPS'] = 'on';
}
$env_config = __DIR__.'/environments/'.WP_ENV.'.php';
$env_config = __DIR__ . '/environments/' . WP_ENV . '.php';
if (file_exists($env_config)) {
include_once $env_config;
@ -145,5 +142,5 @@ Config::apply();
// Bootstrap WordPress
if (!defined('ABSPATH')) {
define('ABSPATH', $webroot_dir.'/wp/');
define('ABSPATH', $webroot_dir . '/wp/');
}

4
config/environments/development.php
View file

@ -6,10 +6,10 @@
declare(strict_types=1);
use function Env\env;
use Roots\WPConfig\Config;
use function Env\env;
Config::define('SAVEQUERIES', true);
Config::define('WP_DEBUG', true);
Config::define('WP_DEBUG_DISPLAY', true);

4
config/environments/production.php
View file

@ -6,10 +6,10 @@
declare(strict_types=1);
use function Env\env;
use Roots\WPConfig\Config;
use function Env\env;
Config::define('WP_DEBUG', true);
Config::define('WP_DEBUG_DISPLAY', false);
Config::define('WP_DEBUG_LOG', env('WP_DEBUG_LOG') ?? true);

4
config/environments/staging.php
View file

@ -6,10 +6,10 @@
declare(strict_types=1);
use function Env\env;
use Roots\WPConfig\Config;
use function Env\env;
Config::define('DISALLOW_INDEXING', true);
Config::define('WOOCOMMERCE_API_CONSUMER_KEY', env('WOOCOMMERCE_API_CONSUMER_KEY'));
Config::define('WOOCOMMERCE_API_CONSUMER_SECRET', env('WOOCOMMERCE_API_CONSUMER_SECRET'));

160
containers/conf/angie/angie.conf-original
View file

@ -1,117 +1,85 @@
#user nobody;
worker_processes 1;
#error_log logs/error.log;
#error_log logs/error.log notice;
#error_log logs/error.log info;
#pid logs/angie.pid;
user www-data;
worker_processes auto;
pid /run/angie.pid;
include /etc/angie/modules-enabled/*.conf;
events {
worker_connections 1024;
worker_connections 768;
# multi_accept on;
}
http {
include mime.types;
default_type application/octet-stream;
#log_format main '$remote_addr - $remote_user [$time_local] "$request" '
# '$status $body_bytes_sent "$http_referer" '
# '"$http_user_agent" "$http_x_forwarded_for"';
#access_log logs/access.log main;
##
# Basic Settings
##
sendfile on;
#tcp_nopush on;
#keepalive_timeout 0;
tcp_nopush on;
tcp_nodelay on;
keepalive_timeout 65;
types_hash_max_size 2048;
# server_tokens off;
#gzip on;
# server_names_hash_bucket_size 64;
# server_name_in_redirect off;
server {
listen 80;
server_name localhost;
include /etc/angie/mime.types;
default_type application/octet-stream;
#charset koi8-r;
##
# SSL Settings
##
#access_log logs/host.access.log main;
ssl_protocols TLSv1 TLSv1.1 TLSv1.2 TLSv1.3; # Dropping SSLv3, ref: POODLE
ssl_prefer_server_ciphers on;
location / {
root html;
index index.html index.htm;
}
##
# Logging Settings
##
#error_page 404 /404.html;
access_log /var/log/angie/access.log;
error_log /var/log/angie/error.log;
# redirect server error pages to the static page /50x.html
#
error_page 500 502 503 504 /50x.html;
location = /50x.html {
root html;
}
##
# Gzip Settings
##
# proxy the PHP scripts to Apache listening on 127.0.0.1:80
#
#location ~ \.php$ {
# proxy_pass http://127.0.0.1;
#}
gzip on;
# pass the PHP scripts to FastCGI server listening on 127.0.0.1:9000
#
#location ~ \.php$ {
# root html;
# fastcgi_pass 127.0.0.1:9000;
# fastcgi_index index.php;
# fastcgi_param SCRIPT_FILENAME /scripts$fastcgi_script_name;
# include fastcgi_params;
#}
# gzip_vary on;
# gzip_proxied any;
# gzip_comp_level 6;
# gzip_buffers 16 8k;
# gzip_http_version 1.1;
# gzip_types text/plain text/css application/json application/javascript text/xml application/xml application/xml+rss text/javascript;
# deny access to .htaccess files, if Apache's document root
# concurs with Angie's one
#
#location ~ /\.ht {
# deny all;
#}
}
# another virtual host using mix of IP-, name-, and port-based configuration
#
#server {
# listen 8000;
# listen somename:8080;
# server_name somename alias another.alias;
# location / {
# root html;
# index index.html index.htm;
# }
#}
# HTTPS server
#
#server {
# listen 443 ssl;
# server_name localhost;
# ssl_certificate cert.pem;
# ssl_certificate_key cert.key;
# ssl_session_cache shared:SSL:1m;
# ssl_session_timeout 5m;
# ssl_ciphers HIGH:!aNULL:!MD5;
# ssl_prefer_server_ciphers on;
# location / {
# root html;
# index index.html index.htm;
# }
#}
##
# Virtual Host Configs
##
include /etc/angie/conf.d/*.conf;
include /etc/angie/sites-enabled/*;
}
#mail {
# # See sample authentication script at:
# # http://wiki.angie.org/ImapAuthenticateWithApachePhpScript
#
# # auth_http localhost/auth.php;
# # pop3_capabilities "TOP" "USER";
# # imap_capabilities "IMAP4rev1" "UIDPLUS";
#
# server {
# listen localhost:110;
# protocol pop3;
# proxy on;
# }
#
# server {
# listen localhost:143;
# protocol imap;
# proxy on;
# }
#}

91
containers/conf/angie/angie.conf-packaged
View file

@ -1,5 +1,5 @@
###
## This file comes with the "Angie modules" on https://deb.paranoid.nl/angie-modules
## This file comes with the "NGINX Mainline and modules" on https://deb.paranoid.nl/nginx-modules
## It contains various optimizations, examples and tweaks.
####
@ -11,10 +11,8 @@ worker_rlimit_nofile 10000;
pid /run/angie.pid;
include /etc/angie/modules-enabled/*.conf;
pcre_jit on;
events {
worker_connections 8192; # this can go as high as ulimit -n
worker_connections 65535;
multi_accept on;
use epoll;
}
@ -31,23 +29,20 @@ http {
directio 256k;
sendfile_max_chunk 256k;
tcp_nopush on;
tcp_nopush off;
tcp_nodelay on;
types_hash_max_size 2048;
server_names_hash_bucket_size 128;
variables_hash_max_size 1024;
# server_name_in_redirect off;
include /etc/angie/mime.types;
server_name_in_redirect off; # if off, angie will use the requested Host header
source_charset utf-8; # same value as "charset"
default_type application/octet-stream;
###
## Enable security_headers only if you installed/enabled the module
###
# security_headers on;
###
## Enable other security headers.
###
# hide_server_tokens on;
# fastcgi_hide_header X-Powered-By;
# server_tokens off;
@ -55,13 +50,15 @@ http {
##
# Optimizing TLS over TCP to reduce latency (Cloudflare patch)
##
# ssl_dyn_rec_enable on;
#ssl_dyn_rec_enable on;
##
# Enable HTTP2 and HTTP3
#
http2 on;
#http3 on;
#
##
##
# SSL Settings
@ -81,11 +78,11 @@ http {
ssl_early_data on;
ssl_session_cache shared:SSL:10m;
ssl_session_cache shared:le_nginx_SSL:10m; #letsencrypt only
ssl_session_timeout 1440m;
# OCSP Stapling
# fetch OCSP records from URL in ssl_certificate and cache them
# Please enter your own nameservers for security
ssl_stapling on;
ssl_stapling_verify on;
resolver 1.1.1.1 8.8.8.8 valid=300;
@ -103,73 +100,51 @@ http {
##
# Gzip Settings
##
gzip on;
gzip_vary on;
gzip_proxied any;
gzip_comp_level 6;
gzip_buffers 16 8k;
gzip_http_version 1.1;
gzip_min_length 250;
gzip_types text/plain text/css application/json application/javascript text/xml application/xml application/xml+rss text/javascript;
##
# Brotli settings (Please load module first!)
##
#brotli on;
#brotli_comp_level 4;
#brotli_buffers 32 8k;
#brotli_min_length 1000;
#brotli_static on;
#brotli_types image/svg+xml text/plain text/css application/json application/javascript application/x-javascript text/xml application/xml application/xml+rss text/javascript image/x-icon;
##
# ZSTD Settings (Please load module first!)
##
#zstd on;
#zstd_min_length 256; # no less than 256 bytes
#zstd_comp_level 3; # set the level to #
#zstd_buffers 32 8k;
#zstd_types text/plain text/css application/json application/javascript application/x-javascript text/xml application/xml application/ xml+rss text/javascript image/x-icon;
###
## Miscellaneous
###
# cache informations about FDs, frequently accessed files
# can boost performance, but you need to test those values
#open_file_cache max=200000 inactive=20s;
#open_file_cache_valid 30s;
#open_file_cache_min_uses 2;
keepalive_disable none; # allow all browsers to use keepalive connections
keepalive_requests 50; # number of requests per connection, does not affect SPDY
max_ranges 1; # allow a single range header for resumed downloads and to stop large range header DoS attacks
msie_padding off;
#open_file_cache max=10000 inactive=2h;
#open_file_cache_errors on;
server_names_hash_bucket_size 256;
server_names_hash_max_size 2048;
variables_hash_bucket_size 256;
variables_hash_max_size 2048;
map_hash_max_size 2048;
map_hash_bucket_size 256;
#open_file_cache_min_uses 1;
#open_file_cache_valid 1h;
output_buffers 2 512k;
#postpone_output 1440; # postpone sends to match our machine's MSS
read_ahead 512K; # kernel read head set to the output_buffers
output_buffers 4 512k;
server_name_in_redirect off; # if off, angie will use the requested Host header
source_charset utf-8; # same value as "charset"
# Buffer size for POST submissions
client_body_buffer_size 80K;
client_body_buffer_size 10K;
client_max_body_size 16m;
# Buffer size for Headers
client_header_buffer_size 1k;
# Allow the server to close the connection after a client stops
# responding.
# Frees up socket-associated memory.
#
reset_timedout_connection on;
# Timeouts, do not keep connections open longer then necessary to reduce
# resource usage and deny Slowloris type attacks.
client_body_timeout 12; # maximum time between packets the client can pause when sending angie any data
client_header_timeout 12;# maximum time the client has to send the entire header to ngin
keepalive_timeout 15; # timeout which a single keep-alive client connection will stay open
keepalive_disable none; # allow all browsers to use keepalive connections
keepalive_requests 5000; # number of requests per connection, does not affect SPDY
reset_timedout_connection on; # Allow the server to close the connection after a client stops responding.
send_timeout 12;
client_body_timeout 10s; # maximum time between packets the client can pause when sending angie any data
client_header_timeout 10s; # maximum time the client has to send the entire header to angie
keepalive_timeout 120s; # timeout which a single keep-alive client connection will stay open
##
# Virtual Host Configs

78
containers/conf/angie/compression.conf
View file

@ -7,44 +7,7 @@ gzip_proxied any;
gzip_vary on;
gzip_disable "msie6";
gzip_static on;
gzip_types
application/atom+xml
application/geo+json
application/javascript
application/json
application/ld+json
application/manifest+json
application/rdf+xml
application/rss+xml
application/vnd.api+json
application/vnd.geo+json
application/vnd.ms-fontobject
application/x-font-opentype
application/x-font-truetype
application/x-font-ttf
application/x-javascript
application/x-web-app-manifest+json
application/xhtml+xml
application/xml
font/eot
font/opentype
font/otf
font/ttf
image/bmpg
image/svg+xml
image/vnd.microsoft.icon
image/x-icon
text/cache-manifest
text/css
text/html
text/javascript
text/plain
text/vcard
text/vnd.rim.location.xloc
text/vtt
text/x-component
text/x-cross-domain-policy
text/xml;
gzip_types application/atom+xml application/geo+json application/javascript application/json application/ld+json application/manifest+json application/rdf+xml application/rss+xml application/vnd.api+json application/vnd.geo+json application/vnd.ms-fontobject application/x-font-opentype application/x-font-truetype application/x-font-ttf application/x-javascript application/x-web-app-manifest+json application/xhtml+xml application/xml font/eot font/opentype font/otf font/ttf image/bmpg image/svg+xml image/vnd.microsoft.icon image/x-icon text/cache-manifest text/css text/html text/javascript text/plain text/vcard text/vnd.rim.location.xloc text/vtt text/x-component text/x-cross-domain-policy text/xml;
brotli on;
brotli_buffers 32 4K;
@ -62,41 +25,4 @@ zstd_buffers 32 4K;
zstd_comp_level 3;
zstd_min_length 1000;
zstd_static on;
zstd_types
application/atom+xml
application/geo+json
application/javascript
application/json
application/ld+json
application/manifest+json
application/rdf+xml
application/rss+xml
application/vnd.api+json
application/vnd.geo+json
application/vnd.ms-fontobject
application/x-font-opentype
application/x-font-truetype
application/x-font-ttf
application/x-javascript
application/x-web-app-manifest+json
application/xhtml+xml
application/xml
font/eot
font/opentype
font/otf
font/ttf
image/bmpg
image/svg+xml
image/vnd.microsoft.icon
image/x-icon
text/cache-manifest
text/css
text/html
text/javascript
text/plain
text/vcard
text/vnd.rim.location.xloc
text/vtt
text/x-component
text/x-cross-domain-policy
text/xml;
zstd_types application/atom+xml application/geo+json application/javascript application/json application/ld+json application/manifest+json application/rdf+xml application/rss+xml application/vnd.api+json application/vnd.geo+json application/vnd.ms-fontobject application/x-font-opentype application/x-font-truetype application/x-font-ttf application/x-javascript application/x-web-app-manifest+json application/xhtml+xml application/xml font/eot font/opentype font/otf font/ttf image/bmpg image/svg+xml image/vnd.microsoft.icon image/x-icon text/cache-manifest text/css text/html text/javascript text/plain text/vcard text/vnd.rim.location.xloc text/vtt text/x-component text/x-cross-domain-policy text/xml;

13
containers/conf/angie/dhparam.pem Normal file
View file

@ -0,0 +1,13 @@
-----BEGIN DH PARAMETERS-----
MIICCAKCAgEA//////////+t+FRYortKmq/cViAnPTzx2LnFg84tNpWp4TZBFGQz
+8yTnc4kmz75fS/jY2MMddj2gbICrsRhetPfHtXV/WVhJDP1H18GbtCFY2VVPe0a
87VXE15/V8k1mE8McODmi3fipona8+/och3xWKE2rec1MKzKT0g6eXq8CrGCsyT7
YdEIqUuyyOP7uWrat2DX9GgdT0Kj3jlN9K5W7edjcrsZCwenyO4KbXCeAvzhzffi
7MA0BM0oNC9hkXL+nOmFg/+OTxIy7vKBg8P+OxtMb61zO7X8vC7CIAXFjvGDfRaD
ssbzSibBsu/6iGtCOGEfz9zeNVs7ZRkDW7w09N75nAI4YbRvydbmyQd62R0mkff3
7lmMsPrBhtkcrv4TCYUTknC0EwyTvEN5RPT9RFLi103TZPLiHnH1S/9croKrnJ32
nuhtK8UiNjoNq8Uhl5sN6todv5pC1cRITgq80Gv6U93vPBsg7j/VnXwl5B0rZp4e
8W5vUsMWTfT7eTDp5OWIV7asfV9C1p9tGHdjzx1VA0AEh/VbpX4xzHpxNciG77Qx
iu1qHgEtnmgyqQdgCpGBMMRtx3j5ca0AOAkpmaMzy4t6Gh25PXFAADwqTs6p+Y0K
zAqCkc3OyX3Pjsm1Wn+IpGtNtahR9EGC4caKAH5eZV9q//////////8CAQI=
-----END DH PARAMETERS-----

96
containers/conf/angie/naxsi_rules/blocking/10000000_scanner.rules Normal file
View file

@ -0,0 +1,96 @@
#######################################
## Scanners ids: 10000000 ##
#######################################
# http://pastebin.com/NP64hTQr
# http://blog.initiative-s.de/2013/09/kompromitierte-wordpress-blogs-werden-fuer-ddos-attacken-genutzt/
# If using wp then turn off this rule
MainRule id:10000000 "s:$UWA:8" "str:wordpress/" "mz:$HEADERS_VAR:User-Agent" "msg:Wordpress in user-agent";
# https://github.com/robertdavidgraham/masscan
MainRule id:10000001 "s:$UWA:8" "str:masscan" "mz:$HEADERS_VAR:User-Agent" "msg:masscan in user-agent";
# block acunetix scan
MainRule id:10000002 "s:$UWA:8" "str:99999999999999999999999" "mz:$HEADERS_VAR:Content-length" "msg:acunetix scan nginx buffer size";
MainRule id:10000003 "s:$UWA:8" "str:acunetix" "mz:URL|BODY|$HEADERS_VAR:Accept|$HEADERS_VAR:User-Agent" "msg:acunetix scan website";
MainRule id:10000004 "s:$UWA:8" "str:acunetix/wvs" "mz:$HEADERS_VAR:Accept" "msg:acunetix scan website";
MainRule id:10000005 "s:$UWA:8" "str:havij" "mz:$HEADERS_VAR:User-Agent" "msg:Havij in user-agent";
MainRule id:10000006 "s:$UWA:8" "str:webmole" "mz:$HEADERS_VAR:User-Agent" "msg:webmole in user-agent";
MainRule id:10000007 "s:$UWA:8" "str:nlpproject.info" "mz:$HEADERS_VAR:User-Agent" "msg:nlpproject.info in user-agent";
MainRule id:10000008 "s:$UWA:8" "str:cloudmapping" "mz:$HEADERS_VAR:User-Agent" "msg:cloudmapping in user-agent";
MainRule id:10000009 "s:$UWA:8" "str:sucuri" "mz:$HEADERS_VAR:User-Agent" "msg:Sucuri in user-agent";
MainRule id:10000010 "s:$UWA:8" "str:brutus/" "mz:$HEADERS_VAR:User-Agent" "msg:Brutus in user-agent";
MainRule id:10000011 "s:$UWA:4" "str:apachebench" "mz:$HEADERS_VAR:User-Agent" "msg:apachebench in user-agent";
MainRule id:10000012 "s:$UWA:8" "str:/netsparker" "mz:URL" "msg:netsparker in user-agent";
MainRule id:10000013 "s:$UWA:8" "str:mysqloit" "mz:$HEADERS_VAR:User-Agent" "msg:Mysqloit in user-agent";
MainRule id:10000014 "s:$UWA:8" "str:network-services-auditor" "mz:$HEADERS_VAR:User-Agent" "msg:network-services-auditor in user-agent";
MainRule id:10000015 "s:$UWA:8" "str:dav.pm" "mz:$HEADERS_VAR:User-Agent" "msg:dav.pm in user-agent";
MainRule id:10000016 "s:$UWA:8" "str:w3af" "mz:$HEADERS_VAR:User-Agent" "msg:w3af in user-agent";
MainRule id:10000017 "s:$UWA:8" "str:http_get_vars" "mz:$HEADERS_VAR:User-Agent" "msg:PHP-Injetion on UA";
MainRule id:10000018 "s:$UWA:8" "str:whisker" "mz:$HEADERS_VAR:User-Agent" "msg:whisker in user-agent";
MainRule id:10000019 "s:$UWA:8" "str:whatweb" "mz:$HEADERS_VAR:User-Agent" "msg:whatweb in user-agent";
MainRule id:10000020 "s:$UWA:8" "str:dirbuster" "mz:$HEADERS_VAR:User-Agent" "msg:DirBuster in user-agent";
# https://www.bleepingcomputer.com/news/security/phps-git-server-hacked-to-add-backdoors-to-php-source-code/
# https://github.com/php/php-src/commit/c730aa26bd52829a49f2ad284b181b7e82a68d7d#diff-a35f2ee9e1d2d3983a3270ee10ec70bf86349c53febdeabdf104f88cb2167961R370
# prevent php supply chain attack
MainRule id:10000021 "s:$UWA:8" "str:zerodium" "mz:$HEADERS_VAR:User-Agent" "msg:zerodium in user-agent";
# prevent log4j attack
# info https://www.govcert.ch/blog/zero-day-exploit-targeting-popular-java-library-log4j/
# payload check https://github.com/johto89/Some-collections-for-Security-Researcher/blob/master/log4j-all-in-one.md
MainRule id:10000022 "s:$UWA:8" "str:${" "mz:$HEADERS_VAR:User-Agent" "msg:log4j attack detection";
# Python libraries like python-requests, python-urllib, etc..
MainRule id:10000023 "s:$UWA:8" "str:python" "mz:$HEADERS_VAR:User-Agent" "msg:python in user-agent";
# Meterpreter
MainRule id:10000024 "s:$UWA:8" "str:meterpreter" "mz:$HEADERS_VAR:User-Agent" "msg:meterpreter in user-agent";
# https://github.com/zmap/zgrab2
MainRule id:10000025 "s:$UWA:8" "str:zgrab" "mz:$HEADERS_VAR:User-Agent" "msg:zgrab in user-agent";
# Known tools like nmap,curl,wget
MainRule id:10000026 "s:$UWA:8" "str:nmap" "mz:$HEADERS_VAR:User-Agent" "msg:nmap in user-agent";
MainRule id:10000027 "s:$UWA:8" "str:curl" "mz:$HEADERS_VAR:User-Agent" "msg:curl in user-agent";
MainRule id:10000028 "s:$UWA:8" "str:wget" "mz:$HEADERS_VAR:User-Agent" "msg:wget in user-agent";
MainRule id:10000029 "s:$UWA:8" "str:sqlmap" "mz:$HEADERS_VAR:User-Agent" "msg:slqmap in user-agent";
# Scan from Expense with this User-Agent:
# Expanse, a Palo Alto Networks company, searches across the global IPv4 space multiple times per day to identify customers presences on the Internet.
# If you would like to be excluded from our scans, please send IP addresses/domains to: scaninfo@paloaltonetworks.com
MainRule id:10000030 "s:$UWA:8" "str:paloaltonetworks.com" "mz:$HEADERS_VAR:User-Agent" "msg:paloaltonetworks in user-agent";
MainRule id:10000031 "s:$UWA:8" "str:palo alto network" "mz:$HEADERS_VAR:User-Agent" "msg:palo alto network in user-agent";
MainRule id:10000032 "s:$UWA:8" "str:Expense" "mz:$HEADERS_VAR:User-Agent" "msg:Expense in user-agent";
# Scan from NetSystemsResearch with this User-Agent:
# NetSystemsResearch studies the availability of various services across the internet. Our website is netsystemsresearch.com
MainRule id:10000033 "s:$UWA:8" "str:NetSystemsResearch" "mz:$HEADERS_VAR:User-Agent" "msg:NetSystemsResearch in user-agent";
# Golang default User-Agent
MainRule id:10000034 "s:$UWA:8" "str:Go-http" "mz:$HEADERS_VAR:User-Agent" "msg:Golang in user-agent";
# Perl default User-Agent
MainRule id:10000035 "s:$UWA:8" "str:libwww-perl" "mz:$HEADERS_VAR:User-Agent" "msg:libwww-perl in user-agent";
# l9tcpid in User-Agent
MainRule id:10000036 "s:$UWA:8" "str:l9tcpid" "mz:$HEADERS_VAR:User-Agent" "msg:l9tcpid in user-agent";
# l9explore in User-Agent
MainRule id:10000037 "s:$UWA:8" "str:l9explore" "mz:$HEADERS_VAR:User-Agent" "msg:l9explore in user-agent";
# WPScan in User-Agent
MainRule id:10000038 "s:$UWA:8" "str:wpscan" "mz:$HEADERS_VAR:User-Agent" "msg:WPScan in user-agent";
# WinHttpReq in User-Agent
MainRule id:10000039 "s:$UWA:8" "str:WinHttpReq" "mz:$HEADERS_VAR:User-Agent" "msg:WinHttpReq in user-agent";
# EgyScan security scanner uses AliElTop in some of the attacks
MainRule id:10000040 "s:$UWA:8" "str:AliElTop" "mz:ANY" "msg:EgyScan security scanner";
# Guzzle PHP HTTP client
MainRule id:10000041 "s:$UWA:8" "str:GuzzleHttp" "mz:$HEADERS_VAR:User-Agent" "msg:GuzzleHttp in user-agent";
# Java client
MainRule id:10000042 "s:$UWA:8" "str:AsyncHttpClient" "mz:$HEADERS_VAR:User-Agent" "msg:AsyncHttpClient in user-agent";

172
containers/conf/angie/naxsi_rules/blocking/20000000_web_security.rules Normal file
View file

@ -0,0 +1,172 @@
#######################################
## Webserver Security ids: 20000000 ##
#######################################
# webserver critical files
MainRule id:20000000 "s:$UWA:8" "str:.conf" "mz:URL" "msg:file access to .conf";
MainRule id:20000001 "s:$UWA:8" "str:.ini" "mz:URL" "msg:file access to .ini";
MainRule id:20000002 "s:$UWA:8" "str:.sql" "mz:URL" "msg:file access to .sql";
MainRule id:20000003 "s:$UWA:8" "rx:\.txt$" "mz:URL" "msg:file access to .txt";
MainRule id:20000004 "s:$UWA:8" "str:/sftp-config.json" "mz:URL|BODY" "msg:file access to sftp-config.json";
MainRule id:20000005 "s:$UWA:8" "str:/.bzr" "mz:URL" "msg:bazaar version control folder access";
MainRule id:20000006 "s:$UWA:8" "str:/.git" "mz:URL" "msg:git version control folder access";
MainRule id:20000007 "s:$UWA:8" "str:/.hg" "mz:URL" "msg:mercurial version control folder access";
MainRule id:20000008 "s:$UWA:8" "str:/.svn" "mz:URL" "msg:svn version control folder access";
MainRule id:20000009 "s:$UWA:8" "str:/bzr/" "mz:URL" "msg:bazaar version control folder access";
MainRule id:20000010 "s:$UWA:8" "str:/git/" "mz:URL" "msg:git version control folder access";
MainRule id:20000011 "s:$UWA:8" "str:/hg/" "mz:URL" "msg:mercurial version control folder access";
MainRule id:20000012 "s:$UWA:8" "str:/svn/" "mz:URL" "msg:svn version control folder access";
MainRule id:20000013 "s:$UWA:8" "str:.htpasswd" "mz:ARGS|BODY|URL|FILE_EXT" "msg:file access to .htpasswd";
MainRule id:20000014 "s:$UWA:8" "str:.htaccess" "mz:ARGS|BODY|URL|FILE_EXT" "msg:file access to .htaccess";
MainRule id:20000015 "s:$UWA:8" "str:.ds_store" "mz:URL" "msg:file access to .ds_store";
MainRule id:20000016 "s:$UWA:8" "str:changelog" "mz:URL" "msg:file access to changelog";
MainRule id:20000017 "s:$UWA:8" "rx:^/core.\d+$" "mz:URL" "msg:file access to core dumps";
MainRule id:20000018 "s:$UWA:8" "rx:\.module$" "mz:URL" "msg:file access to .module (drupal)";
MainRule id:20000019 "s:$UWA:8" "str:web.config" "mz:URL" "msg:file access to web.config (drupal)";
MainRule id:20000020 "s:$UWA:8" "rx:release[-_]notes\." "mz:URL" "msg:file access to release notes";
MainRule id:20000021 "s:$UWA:8" "rx:~$" "mz:URL" "msg:file access to cache files";
MainRule id:20000022 "s:$UWA:8" "str:web-inf" "mz:URL|BODY|ARGS" "msg:folder access to WEB-INF";
# Exposed Services
MainRule id:20000023 "s:$UWA:8" "str:/cgi-bin/luci" "mz:URL" "msg:Exposed OpenWRT";
MainRule id:20000024 "s:$UWA:8" "rx:^/cgi-bin/.+\.cgi$" "mz:URL" "msg:Exposed cgi-bin";
MainRule id:20000025 "s:$UWA:8" "str:/jenkins" "mz:URL" "msg:Exposed Jenkins";
MainRule id:20000026 "s:$UWA:8" "str:/console/login/LoginForm.jsp" "mz:URL" "msg:Exposed Oracle WebLogic Server Administration Console";
MainRule id:20000027 "s:$UWA:8" "str:/nuxeo/login.jsp" "mz:URL" "msg:Exposed Nuxeo Enterprise Platform";
MainRule id:20000028 "s:$UWA:8" "str:/zabbix/index.php" "mz:URL" "msg:Exposed Zabbix";
# Known hacking tools like burp suite, etc..
MainRule id:20000029 "s:$UWA:8" "str:burpcollaborator.net" "mz:ARGS|BODY|HEADERS" "msg:burp collaborator";
MainRule id:20000030 "s:$UWA:8" "str:/netsparker" "mz:URL" "msg:Netsparker";
# Malicious strings in request
MainRule id:20000031 "s:$UWA:8" "str:\n\r" "mz:URL" "msg:HTTP - Smuggling-Attempt (NewLine in URI)";
MainRule id:20000032 "s:$UWA:6" "rx:^[a-zA-Z\d-]+\.[a-zA-Z]+$" "mz:$HEADERS_VAR:Host" "msg:HOST-Header Injection";
MainRule id:20000033 "s:$UWA:8" "str:/bin/sh" "mz:URL|BODY|ARGS|$HEADERS_VAR:User-Agent|$HEADERS_VAR:Cookie" "msg:/bin/sh in URI";
MainRule id:20000034 "s:$UWA:8" "str:/etc/passwd" "mz:URL|BODY|ARGS|$HEADERS_VAR:User-Agent|$HEADERS_VAR:Cookie" "msg:/etc/passwd in URI";
MainRule id:20000035 "s:$UWA:8" "str:/etc/shadow" "mz:URL|BODY|ARGS|$HEADERS_VAR:User-Agent|$HEADERS_VAR:Cookie" "msg:/etc/shadow in URI";
MainRule id:20000036 "s:$UWA:8" "str:/etc/hosts" "mz:URL|BODY|ARGS|$HEADERS_VAR:User-Agent|$HEADERS_VAR:Cookie" "msg:/etc/hosts in URI";
MainRule id:20000037 "s:$UWA:8" "str:/Windows/system.ini" "mz:URL|BODY|ARGS|$HEADERS_VAR:User-Agent|$HEADERS_VAR:Cookie" "msg:/Windows/system.ini in URI";
MainRule id:20000038 "s:$UWA:8" "rx:<!DOCTYPE(\s+)(%*\s*)([{}:.a-zA-Z0-9_-]*)(\s+)SYSTEM" "mz:BODY" "msg: possible XML/XXE-Exploitation atempt (Doctype)";
MainRule id:20000039 "s:$UWA:8" "str:http://http://" "mz:HEADERS" "msg:Abnormal double http:// in HTTP header";
MainRule id:20000040 "s:$UWA:8" "str:https://http://" "mz:HEADERS" "msg:Abnormal double http:// in HTTP header";
MainRule id:20000041 "s:$UWA:8" "str:http://https://" "mz:HEADERS" "msg:Abnormal double http:// in HTTP header";
MainRule id:20000042 "s:$UWA:8" "str:https://https://" "mz:HEADERS" "msg:Abnormal double http:// in HTTP header";
# ThinkPHP Remote Code Execution CVE-2018-20062
MainRule id:20000043 "s:$UWA:8" "str:index/\think\app/invokefunction" "mz:URL" "msg:CVE-2018-20062";
# AWS related files
MainRule id:20000044 "s:$UWA:8" "str:/.aws/" "mz:URL" "msg:AWS Credential Stealer";
# dot folders and files
MainRule id:20000045 "s:$UWA:8" "rx:/\.[^.]" "mz:URL" "msg:Access to dot folder or file";
# Exposed Microsoft Exchange
MainRule id:20000046 "s:$UWA:8" "str:autodiscover/autodiscover.json" "mz:URL" "msg:Exposed Microsoft Exchange";
MainRule id:20000047 "s:$UWA:8" "str:autodiscover/autodiscover.xml" "mz:URL" "msg:Exposed Microsoft Exchange";
MainRule id:20000048 "s:$UWA:8" "str:/auth.owa" "mz:URL" "msg:Exposed Microsoft Exchange";
# Ignition 2.5.1 Remote Code Execution CVE-2021-3129
MainRule id:20000049 "s:$UWA:8" "str:/_ignition/execute-solution" "mz:URL" "msg:CVE-2021-3129";
# CVE-2018-13379 path traversal vulnerability in Fortinet's FortiGate SSL VPN
# https://x.x.x.x/remote/fgt_lang?lang=/../../../..//////////dev/cmdb/sslvpn_websession
MainRule id:20000050 "s:$UWA:8" "str:/sslvpn_websession" "mz:ARGS|BODY|HEADERS" "msg:CVE-2018-13379";
# Exposed Apache Tomcat Administration Panel
MainRule id:20000051 "s:$UWA:8" "str:/manager/html" "mz:URL" "msg:Exposed Apache Tomcat Administration Panel";
# Block NMAP enumeration
MainRule id:20000052 "s:$UWA:8" "str:/HNAP1" "mz:URL" "msg:NMAP enumeration attempt";
MainRule id:20000053 "s:$UWA:8" "rx:/default\.(asp|aspx|cfm|cgi|jsa|jsp|php|pl)$" "mz:URL" "msg:NMAP enumeration attempt";
MainRule id:20000054 "s:$UWA:8" "rx:/start\.(asp|aspx|cfm|cgi|jsa|jsp|php|pl)$" "mz:URL" "msg:NMAP enumeration attempt";
MainRule id:20000055 "s:$UWA:8" "rx:/localstart\.(asp|aspx|cfm|cgi|jsa|jsp|php|pl)$" "mz:URL" "msg:NMAP enumeration attempt";
MainRule id:20000056 "s:$UWA:8" "rx:/admin\.(asp|aspx|cfm|cgi|jsa|jsp|php|pl)$" "mz:URL" "msg:NMAP enumeration attempt";
MainRule id:20000057 "s:$UWA:8" "str:/nmaplowercheck" "mz:URL" "msg:NMAP enumeration attempt";
# Siemens PLC scan
MainRule id:20000058 "s:$UWA:8" "str:/__Additional" "mz:URL" "msg:Siemens PLC scan";
MainRule id:20000059 "s:$UWA:8" "str:/docs/cplugError.html/" "mz:URL" "msg:Siemens PLC scan";
MainRule id:20000060 "s:$UWA:8" "str:/Portal/Portal.mwsl" "mz:URL" "msg:Siemens PLC scan";
# Block Citrix XenApp
MainRule id:20000061 "s:$UWA:8" "str:/scripts/wpnbr.dll" "mz:URL" "msg:Citrix XenApp";
# Block jenkins authentication bypass CVE-2018-1000861
MainRule id:20000062 "s:$UWA:8" "str:/securityRealm/user/admin/search/index" "mz:URL" "msg:CVE-2018-1000861";
# Block jenkins RCE CVE-2019-1003029, CVE-2019-1003030
MainRule id:20000063 "s:$UWA:8" "str:/descriptorByName/org.jenkinsci.plugins.scriptsecurity.sandbox.groovy.SecureGroovyScript/checkScript/" "mz:URL" "msg:CVE-2019-1003029, CVE-2019-1003030";
# Log4J bypass
MainRule id:20000064 "s:$UWA:8" "str:${env:NaN:-" "mz:URL|ARGS|BODY|HEADERS" "msg:Attempted Log4J Bypass";
# Windows system paths
MainRule id:20000065 "s:$UWA:8" "str:\Windows\system.ini" "mz:URL|BODY|ARGS|$HEADERS_VAR:User-Agent|$HEADERS_VAR:Cookie" "msg:\Windows\system.ini in URI";
MainRule id:20000066 "s:$UWA:8" "str:/Windows/win.ini" "mz:URL|BODY|ARGS|$HEADERS_VAR:User-Agent|$HEADERS_VAR:Cookie" "msg:/Windows/win.ini in URI";
MainRule id:20000067 "s:$UWA:8" "str:\Windows\win.ini" "mz:URL|BODY|ARGS|$HEADERS_VAR:User-Agent|$HEADERS_VAR:Cookie" "msg:\Windows\win.ini in URI";
# Exposed Apache Host Manager App
MainRule id:20000068 "s:$UWA:8" "str:/manager/text/list" "mz:URL" "msg:Exposed Apache Host Manager App";
# Spring Cloud Gateway Code Injection Vulnerability
MainRule id:20000069 "s:$UWA:8" "str:/actuator/gateway/routes" "mz:URL" "msg:CVE-2022-22947";
# Block Spring4Shell
MainRule id:20000070 "s:$UWA:8" "str:class.module.classLoader.resources." "mz:RAW_BODY" "msg:CVE-2022-22965";
MainRule id:20000071 "s:$UWA:8" "rx:<%|%>" "mz:HEADERS" "msg:CVE-2022-22965";
# Block Microsoft Exchange Server Remote Code Execution
MainRule id:20000072 "s:$UWA:8" "str:/ecp/Current/exporttool/microsoft.exchange.ediscovery.exporttool.application" "mz:URL" "msg:CVE-2021-28481";
# Prevents IndoXploit/IDX Shell dump access
# A website that has been infected will have a world-browsable folder called `idx_config`
# which contains text versions of the configuration file of every CMS installation the shell
# is able to find (impacts WordPress, Joomla and Magento).
MainRule id:20000073 "s:$UWA:8" "str:/idx_config" "mz:URL" "msg:Prevent IndoXploit/IDX Shell dump access";
# Prevents old grafana to return all folders
# https://github.com/grafana/grafana/pull/44175
MainRule id:20000074 "s:$UWA:8" "rx:^0$" "mz:$URL:/api/search|$ARGS_VAR:folderIds" "msg:Access all grafana folders";
# Block access to yaml files
MainRule id:20000075 "s:$UWA:8" "str:.yml" "mz:URL" "msg:file access to .yml";
MainRule id:20000076 "s:$UWA:8" "str:.yaml" "mz:URL" "msg:file access to .yaml";
# Block access to HashiCorp Consul/Vault template files
MainRule id:20000077 "s:$UWA:8" "rx:\.ctmpl$" "mz:URL" "msg:file access to .ctmpl";
MainRule id:20000078 "s:$UWA:8" "rx:\.hcl$" "mz:URL" "msg:file access to .hcl";
# Block access to known files used for fingerprinting
MainRule id:20000079 "s:$UWA:8" "rx:\.md$" "mz:URL" "msg:file access to .md";
MainRule id:20000080 "s:$UWA:8" "rx:read[-_]?me" "mz:URL" "msg:file access to readme";
MainRule id:20000081 "s:$UWA:8" "rx:\.toml$" "mz:URL" "msg:file access to .toml";
# AWS related files
MainRule id:20000082 "s:$UWA:8" "str:dockerrun.aws.json" "mz:URL" "msg:Exposed AWS Elastic Beanstalk configuration";
# Block access to temporary backup files like .bak,.bak.php, etc...
MainRule id:20000083 "s:$UWA:8" "str:.bak" "mz:URL" "msg:file access to temporary backup files";
# Path traversal in nuxt/framework when in dev mode
# https://huntr.dev/bounties/4849af83-450c-435e-bc0b-71705f5be440/
MainRule id:20000084 "s:$UWA:8" "str:_nuxt/@" "mz:URL" "msg:path traversal in nuxt framework";
# AWS NodeJS related files
MainRule id:20000085 "s:$UWA:8" "str:awsconfig" "mz:URL" "msg:Exposed AWS config files";
MainRule id:20000086 "s:$UWA:8" "str:aws-config" "mz:URL" "msg:Exposed AWS config files";
MainRule id:20000087 "s:$UWA:8" "str:awscred" "mz:URL" "msg:Exposed AWS config files";
MainRule id:20000088 "s:$UWA:8" "str:aws-cred" "mz:URL" "msg:Exposed AWS config files";
# Text editors temp and config files
MainRule id:20000089 "s:$UWA:8" "str:.old" "mz:URL" "msg:Exposed temp copy";
MainRule id:20000090 "s:$UWA:8" "str:.save" "mz:URL" "msg:Exposed temp copy";
MainRule id:20000091 "s:$UWA:8" "str:.DS_Store" "mz:URL" "msg:Exposed temp copy";
MainRule id:20000092 "s:$UWA:8" "str:vscode" "mz:URL" "msg:Exposed vscode directory";
# Exposed .env
MainRule id:20000093 "s:$UWA:8" "str:/.env" "mz:URL" "msg:access to .env file or dir";
# androxgh0st exploit
MainRule id:20000094 "s:$UWA:8" "str:androxgh0st" "mz:ANY" "msg:androxgh0st exploit";

16
containers/conf/angie/naxsi_rules/blocking/30000000_wordpress.rules Normal file
View file

@ -0,0 +1,16 @@
#######################################
## Wordpress ids: 30000000 ##
#######################################
MainRule id:30000000 "s:$UWA:8" "str:system.multicall" "mz:$URL:/xmlrpc.php|BODY" "msg:Wordpress XMLRPC possible Password Brute Force";
MainRule id:30000001 "s:$UWA:8" "str:system.listmethods" "mz:$URL:/xmlrpc.php|BODY" "msg:WordPress XMLRPC Enumeration system.listMethods";
MainRule id:30000002 "s:$UWA:8" "str:system.getcapabilities" "mz:$URL:/xmlrpc.php|BODY" "msg:WordPress XMLRPC Enumeration system.getCapabilities";
MainRule id:30000003 "s:$UWA:8" "str:/w3tc/dbcache" "mz:URL" "msg:WordPress TotalCache-DBCache-Access";
MainRule id:30000004 "s:$UWA:8" "str:/uploadify/uploadify.php" "mz:URL" "msg:WordPress Uploadify-Access";
MainRule id:30000005 "s:$UWA:8" "str:/wp-content/plugins/mm-forms-community/upload/temp/" "mz:URL" "msg:Access To mm-forms-community upload dir";
MainRule id:30000006 "s:$UWA:8" "str:wp-config.php" "mz:BODY|ARGS|URL" "msg:WordPress access to wp-config.php";
# block malicious access ALFA_DATA|alfacgiapi|cgialfa path
MainRule id:30000007 "s:$UWA:8" "str:ALFA_DATA" "mz:URL" "msg:WordPress malicious access to ALFA_DATA path";
MainRule id:30000008 "s:$UWA:8" "str:alfacgiapi" "mz:URL" "msg:WordPress malicious access to alfacgiapi path";
MainRule id:30000009 "s:$UWA:8" "str:cgialfa" "mz:URL" "msg:WordPress malicious access to cgialfa path";

66
containers/conf/angie/naxsi_rules/blocking/40000000_php_security.rules Normal file
View file

@ -0,0 +1,66 @@
#######################################
## PHP Security ids: 40000000 ##
#######################################
# Php Functions
MainRule id:40000000 "s:$UWA:8" "str:gzinflate(" "mz:URL|BODY|ARGS" "msg:gzinflate in URI";
MainRule id:40000001 "s:$UWA:8" "str:system(" "mz:URL|BODY|ARGS" "msg:php system called";
MainRule id:40000002 "s:$UWA:8" "str:base64_decode(" "mz:URL|BODY|ARGS" "msg:php base64_decode called";
MainRule id:40000003 "s:$UWA:8" "str:@eval" "mz:URL|BODY|ARGS" "msg:php eval called";
MainRule id:40000004 "s:$UWA:8" "rx:eval\((\s+)?\$_" "mz:URL|BODY|ARGS" "msg:php eval called";
# PhpMyAdmin
MainRule id:40000005 "s:$UWA:8" "str:/db-admin" "mz:URL" "msg:SQL Admin Interface";
MainRule id:40000006 "s:$UWA:8" "str:/dbadmin" "mz:URL" "msg:SQL Admin Interface";
MainRule id:40000007 "s:$UWA:8" "str:/myadmin" "mz:URL" "msg:SQL Admin Interface";
MainRule id:40000008 "s:$UWA:8" "str:/mysqldumper " "mz:URL" "msg:MysqlDumper";
MainRule id:40000009 "s:$UWA:8" "str:/mysqlmanager" "mz:URL" "msg:SQL Admin Interface";
MainRule id:40000010 "s:$UWA:8" "str:/p/m/a/" "mz:URL" "msg:SQL Admin Interface";
MainRule id:40000011 "s:$UWA:8" "str:/php-my-admin" "mz:URL" "msg:SQL Admin Interface";
MainRule id:40000012 "s:$UWA:8" "str:/php-myadmin" "mz:URL" "msg:SQL Admin Interface";
MainRule id:40000013 "s:$UWA:8" "str:/phpmanager" "mz:URL" "msg:SQL Admin Interface";
MainRule id:40000014 "s:$UWA:8" "str:/phpmy" "mz:URL" "msg:SQL Admin Interface";
MainRule id:40000015 "s:$UWA:8" "str:/phpmy-admin" "mz:URL" "msg:SQL Admin Interface";
MainRule id:40000016 "s:$UWA:8" "str:/phpmyadmin" "mz:URL" "msg:SQL Admin Interface";
MainRule id:40000017 "s:$UWA:8" "str:/phppgadmin " "mz:URL" "msg:SQL Admin Interface";
MainRule id:40000018 "s:$UWA:8" "str:/pma" "mz:URL" "msg:SQL Admin Interface";
MainRule id:40000019 "s:$UWA:8" "str:/sql-admin" "mz:URL" "msg:SQL Admin Interface";
MainRule id:40000020 "s:$UWA:8" "str:/sqladmin" "mz:URL" "msg:SQL Admin Interface";
MainRule id:40000021 "s:$UWA:8" "str:/sqlweb" "mz:URL" "msg:SQL Admin Interface";
MainRule id:40000022 "s:$UWA:8" "str:/sysadmin" "mz:URL" "msg:SQL Admin Interface";
MainRule id:40000023 "s:$UWA:8" "str:/webadmin" "mz:URL" "msg:SQL Admin Interface";
MainRule id:40000024 "s:$UWA:8" "str:/webdb" "mz:URL" "msg:SQL Admin Interface";
MainRule id:40000025 "s:$UWA:8" "str:/websql" "mz:URL" "msg:SQL Admin Interface";
# Block PHPUnit eval-stdin.php CVE-2017-9841
MainRule id:40000026 "s:$UWA:8" "str:eval-stdin.php" "mz:URL" "msg:CVE-2017-9841";
# Block PHP easter egg which normally can be disabled via expose_php = off
MainRule id:40000027 "s:$UWA:8" "rx:PHP[0-9a-f]{8}-[0-9a-f]{4}-[0-9a-f]{4}-[0-9a-f]{4}-[0-9a-f]{12}$" "mz:URL|BODY|ARGS" "msg:PHP easter egg credits";
# Block PHP Xdebug
MainRule id:40000028 "s:$UWA:8" "str:XDEBUG_SESSION" "mz:ANY" "msg:Block PHP Xdebug";
# Block PHPinfo access
MainRule id:40000029 "s:$UWA:8" "str:phpinfo" "mz:URL|BODY|ARGS" "msg:PHPinfo access";
# Block known php installer exploit
MainRule id:40000030 "s:$UWA:8" "str:install.php" "mz:URL" "msg:Access to php install";
# Block more sql admin interface
MainRule id:40000031 "s:$UWA:8" "str:/mysql-admin" "mz:URL" "msg:SQL Admin Interface";
MainRule id:40000032 "s:$UWA:8" "str:/mysqladmin" "mz:URL" "msg:SQL Admin Interface";
MainRule id:40000033 "s:$UWA:8" "str:/sqlmanager" "mz:URL" "msg:SQL Admin Interface";
MainRule id:40000034 "s:$UWA:8" "str:/mysql/" "mz:URL" "msg:SQL Admin Interface";
# Block access to Lavarel telescope since it allows to read logs and SQL queries
MainRule id:40000035 "s:$UWA:8" "str:/telescope/" "mz:URL" "msg:Access to Lavarel telescope";
# Block access to adminer/phpMinAdmin sql admin interface
MainRule id:40000036 "s:$UWA:8" "str:adminer" "mz:URL" "msg:SQL Admin Interface";
# Block access to Symfony Web Framework dev mode.
MainRule id:40000037 "s:$UWA:8" "str:app_dev" "mz:URL" "msg:Symfony Web Framework dev mode";
# phpstorm in request
MainRule id:40000038 "s:$UWA:8" "str:phpstorm" "mz:URL|ARGS|HEADERS" "msg:phpstorm in request";

96
containers/conf/angie/naxsi_rules/blocking/blocking/10000000_scanner.rules Normal file
View file

@ -0,0 +1,96 @@
#######################################
## Scanners ids: 10000000 ##
#######################################
# http://pastebin.com/NP64hTQr
# http://blog.initiative-s.de/2013/09/kompromitierte-wordpress-blogs-werden-fuer-ddos-attacken-genutzt/
# If using wp then turn off this rule
MainRule id:10000000 "s:$UWA:8" "str:wordpress/" "mz:$HEADERS_VAR:User-Agent" "msg:Wordpress in user-agent";
# https://github.com/robertdavidgraham/masscan
MainRule id:10000001 "s:$UWA:8" "str:masscan" "mz:$HEADERS_VAR:User-Agent" "msg:masscan in user-agent";
# block acunetix scan
MainRule id:10000002 "s:$UWA:8" "str:99999999999999999999999" "mz:$HEADERS_VAR:Content-length" "msg:acunetix scan nginx buffer size";
MainRule id:10000003 "s:$UWA:8" "str:acunetix" "mz:URL|BODY|$HEADERS_VAR:Accept|$HEADERS_VAR:User-Agent" "msg:acunetix scan website";
MainRule id:10000004 "s:$UWA:8" "str:acunetix/wvs" "mz:$HEADERS_VAR:Accept" "msg:acunetix scan website";
MainRule id:10000005 "s:$UWA:8" "str:havij" "mz:$HEADERS_VAR:User-Agent" "msg:Havij in user-agent";
MainRule id:10000006 "s:$UWA:8" "str:webmole" "mz:$HEADERS_VAR:User-Agent" "msg:webmole in user-agent";
MainRule id:10000007 "s:$UWA:8" "str:nlpproject.info" "mz:$HEADERS_VAR:User-Agent" "msg:nlpproject.info in user-agent";
MainRule id:10000008 "s:$UWA:8" "str:cloudmapping" "mz:$HEADERS_VAR:User-Agent" "msg:cloudmapping in user-agent";
MainRule id:10000009 "s:$UWA:8" "str:sucuri" "mz:$HEADERS_VAR:User-Agent" "msg:Sucuri in user-agent";
MainRule id:10000010 "s:$UWA:8" "str:brutus/" "mz:$HEADERS_VAR:User-Agent" "msg:Brutus in user-agent";
MainRule id:10000011 "s:$UWA:4" "str:apachebench" "mz:$HEADERS_VAR:User-Agent" "msg:apachebench in user-agent";
MainRule id:10000012 "s:$UWA:8" "str:/netsparker" "mz:URL" "msg:netsparker in user-agent";
MainRule id:10000013 "s:$UWA:8" "str:mysqloit" "mz:$HEADERS_VAR:User-Agent" "msg:Mysqloit in user-agent";
MainRule id:10000014 "s:$UWA:8" "str:network-services-auditor" "mz:$HEADERS_VAR:User-Agent" "msg:network-services-auditor in user-agent";
MainRule id:10000015 "s:$UWA:8" "str:dav.pm" "mz:$HEADERS_VAR:User-Agent" "msg:dav.pm in user-agent";
MainRule id:10000016 "s:$UWA:8" "str:w3af" "mz:$HEADERS_VAR:User-Agent" "msg:w3af in user-agent";
MainRule id:10000017 "s:$UWA:8" "str:http_get_vars" "mz:$HEADERS_VAR:User-Agent" "msg:PHP-Injetion on UA";
MainRule id:10000018 "s:$UWA:8" "str:whisker" "mz:$HEADERS_VAR:User-Agent" "msg:whisker in user-agent";
MainRule id:10000019 "s:$UWA:8" "str:whatweb" "mz:$HEADERS_VAR:User-Agent" "msg:whatweb in user-agent";
MainRule id:10000020 "s:$UWA:8" "str:dirbuster" "mz:$HEADERS_VAR:User-Agent" "msg:DirBuster in user-agent";
# https://www.bleepingcomputer.com/news/security/phps-git-server-hacked-to-add-backdoors-to-php-source-code/
# https://github.com/php/php-src/commit/c730aa26bd52829a49f2ad284b181b7e82a68d7d#diff-a35f2ee9e1d2d3983a3270ee10ec70bf86349c53febdeabdf104f88cb2167961R370
# prevent php supply chain attack
MainRule id:10000021 "s:$UWA:8" "str:zerodium" "mz:$HEADERS_VAR:User-Agent" "msg:zerodium in user-agent";
# prevent log4j attack
# info https://www.govcert.ch/blog/zero-day-exploit-targeting-popular-java-library-log4j/
# payload check https://github.com/johto89/Some-collections-for-Security-Researcher/blob/master/log4j-all-in-one.md
MainRule id:10000022 "s:$UWA:8" "str:${" "mz:$HEADERS_VAR:User-Agent" "msg:log4j attack detection";
# Python libraries like python-requests, python-urllib, etc..
MainRule id:10000023 "s:$UWA:8" "str:python" "mz:$HEADERS_VAR:User-Agent" "msg:python in user-agent";
# Meterpreter
MainRule id:10000024 "s:$UWA:8" "str:meterpreter" "mz:$HEADERS_VAR:User-Agent" "msg:meterpreter in user-agent";
# https://github.com/zmap/zgrab2
MainRule id:10000025 "s:$UWA:8" "str:zgrab" "mz:$HEADERS_VAR:User-Agent" "msg:zgrab in user-agent";
# Known tools like nmap,curl,wget
MainRule id:10000026 "s:$UWA:8" "str:nmap" "mz:$HEADERS_VAR:User-Agent" "msg:nmap in user-agent";
MainRule id:10000027 "s:$UWA:8" "str:curl" "mz:$HEADERS_VAR:User-Agent" "msg:curl in user-agent";
MainRule id:10000028 "s:$UWA:8" "str:wget" "mz:$HEADERS_VAR:User-Agent" "msg:wget in user-agent";
MainRule id:10000029 "s:$UWA:8" "str:sqlmap" "mz:$HEADERS_VAR:User-Agent" "msg:slqmap in user-agent";
# Scan from Expense with this User-Agent:
# Expanse, a Palo Alto Networks company, searches across the global IPv4 space multiple times per day to identify customers presences on the Internet.
# If you would like to be excluded from our scans, please send IP addresses/domains to: scaninfo@paloaltonetworks.com
MainRule id:10000030 "s:$UWA:8" "str:paloaltonetworks.com" "mz:$HEADERS_VAR:User-Agent" "msg:paloaltonetworks in user-agent";
MainRule id:10000031 "s:$UWA:8" "str:palo alto network" "mz:$HEADERS_VAR:User-Agent" "msg:palo alto network in user-agent";
MainRule id:10000032 "s:$UWA:8" "str:Expense" "mz:$HEADERS_VAR:User-Agent" "msg:Expense in user-agent";
# Scan from NetSystemsResearch with this User-Agent:
# NetSystemsResearch studies the availability of various services across the internet. Our website is netsystemsresearch.com
MainRule id:10000033 "s:$UWA:8" "str:NetSystemsResearch" "mz:$HEADERS_VAR:User-Agent" "msg:NetSystemsResearch in user-agent";
# Golang default User-Agent
MainRule id:10000034 "s:$UWA:8" "str:Go-http" "mz:$HEADERS_VAR:User-Agent" "msg:Golang in user-agent";
# Perl default User-Agent
MainRule id:10000035 "s:$UWA:8" "str:libwww-perl" "mz:$HEADERS_VAR:User-Agent" "msg:libwww-perl in user-agent";
# l9tcpid in User-Agent
MainRule id:10000036 "s:$UWA:8" "str:l9tcpid" "mz:$HEADERS_VAR:User-Agent" "msg:l9tcpid in user-agent";
# l9explore in User-Agent
MainRule id:10000037 "s:$UWA:8" "str:l9explore" "mz:$HEADERS_VAR:User-Agent" "msg:l9explore in user-agent";
# WPScan in User-Agent
MainRule id:10000038 "s:$UWA:8" "str:wpscan" "mz:$HEADERS_VAR:User-Agent" "msg:WPScan in user-agent";
# WinHttpReq in User-Agent
MainRule id:10000039 "s:$UWA:8" "str:WinHttpReq" "mz:$HEADERS_VAR:User-Agent" "msg:WinHttpReq in user-agent";
# EgyScan security scanner uses AliElTop in some of the attacks
MainRule id:10000040 "s:$UWA:8" "str:AliElTop" "mz:ANY" "msg:EgyScan security scanner";
# Guzzle PHP HTTP client
MainRule id:10000041 "s:$UWA:8" "str:GuzzleHttp" "mz:$HEADERS_VAR:User-Agent" "msg:GuzzleHttp in user-agent";
# Java client
MainRule id:10000042 "s:$UWA:8" "str:AsyncHttpClient" "mz:$HEADERS_VAR:User-Agent" "msg:AsyncHttpClient in user-agent";

172
containers/conf/angie/naxsi_rules/blocking/blocking/20000000_web_security.rules Normal file
View file

@ -0,0 +1,172 @@
#######################################
## Webserver Security ids: 20000000 ##
#######################################
# webserver critical files
MainRule id:20000000 "s:$UWA:8" "str:.conf" "mz:URL" "msg:file access to .conf";
MainRule id:20000001 "s:$UWA:8" "str:.ini" "mz:URL" "msg:file access to .ini";
MainRule id:20000002 "s:$UWA:8" "str:.sql" "mz:URL" "msg:file access to .sql";
MainRule id:20000003 "s:$UWA:8" "rx:\.txt$" "mz:URL" "msg:file access to .txt";
MainRule id:20000004 "s:$UWA:8" "str:/sftp-config.json" "mz:URL|BODY" "msg:file access to sftp-config.json";
MainRule id:20000005 "s:$UWA:8" "str:/.bzr" "mz:URL" "msg:bazaar version control folder access";
MainRule id:20000006 "s:$UWA:8" "str:/.git" "mz:URL" "msg:git version control folder access";
MainRule id:20000007 "s:$UWA:8" "str:/.hg" "mz:URL" "msg:mercurial version control folder access";
MainRule id:20000008 "s:$UWA:8" "str:/.svn" "mz:URL" "msg:svn version control folder access";
MainRule id:20000009 "s:$UWA:8" "str:/bzr/" "mz:URL" "msg:bazaar version control folder access";
MainRule id:20000010 "s:$UWA:8" "str:/git/" "mz:URL" "msg:git version control folder access";
MainRule id:20000011 "s:$UWA:8" "str:/hg/" "mz:URL" "msg:mercurial version control folder access";
MainRule id:20000012 "s:$UWA:8" "str:/svn/" "mz:URL" "msg:svn version control folder access";
MainRule id:20000013 "s:$UWA:8" "str:.htpasswd" "mz:ARGS|BODY|URL|FILE_EXT" "msg:file access to .htpasswd";
MainRule id:20000014 "s:$UWA:8" "str:.htaccess" "mz:ARGS|BODY|URL|FILE_EXT" "msg:file access to .htaccess";
MainRule id:20000015 "s:$UWA:8" "str:.ds_store" "mz:URL" "msg:file access to .ds_store";
MainRule id:20000016 "s:$UWA:8" "str:changelog" "mz:URL" "msg:file access to changelog";
MainRule id:20000017 "s:$UWA:8" "rx:^/core.\d+$" "mz:URL" "msg:file access to core dumps";
MainRule id:20000018 "s:$UWA:8" "rx:\.module$" "mz:URL" "msg:file access to .module (drupal)";
MainRule id:20000019 "s:$UWA:8" "str:web.config" "mz:URL" "msg:file access to web.config (drupal)";
MainRule id:20000020 "s:$UWA:8" "rx:release[-_]notes\." "mz:URL" "msg:file access to release notes";
MainRule id:20000021 "s:$UWA:8" "rx:~$" "mz:URL" "msg:file access to cache files";
MainRule id:20000022 "s:$UWA:8" "str:web-inf" "mz:URL|BODY|ARGS" "msg:folder access to WEB-INF";
# Exposed Services
MainRule id:20000023 "s:$UWA:8" "str:/cgi-bin/luci" "mz:URL" "msg:Exposed OpenWRT";
MainRule id:20000024 "s:$UWA:8" "rx:^/cgi-bin/.+\.cgi$" "mz:URL" "msg:Exposed cgi-bin";
MainRule id:20000025 "s:$UWA:8" "str:/jenkins" "mz:URL" "msg:Exposed Jenkins";
MainRule id:20000026 "s:$UWA:8" "str:/console/login/LoginForm.jsp" "mz:URL" "msg:Exposed Oracle WebLogic Server Administration Console";
MainRule id:20000027 "s:$UWA:8" "str:/nuxeo/login.jsp" "mz:URL" "msg:Exposed Nuxeo Enterprise Platform";
MainRule id:20000028 "s:$UWA:8" "str:/zabbix/index.php" "mz:URL" "msg:Exposed Zabbix";
# Known hacking tools like burp suite, etc..
MainRule id:20000029 "s:$UWA:8" "str:burpcollaborator.net" "mz:ARGS|BODY|HEADERS" "msg:burp collaborator";
MainRule id:20000030 "s:$UWA:8" "str:/netsparker" "mz:URL" "msg:Netsparker";
# Malicious strings in request
MainRule id:20000031 "s:$UWA:8" "str:\n\r" "mz:URL" "msg:HTTP - Smuggling-Attempt (NewLine in URI)";
MainRule id:20000032 "s:$UWA:6" "rx:^[a-zA-Z\d-]+\.[a-zA-Z]+$" "mz:$HEADERS_VAR:Host" "msg:HOST-Header Injection";
MainRule id:20000033 "s:$UWA:8" "str:/bin/sh" "mz:URL|BODY|ARGS|$HEADERS_VAR:User-Agent|$HEADERS_VAR:Cookie" "msg:/bin/sh in URI";
MainRule id:20000034 "s:$UWA:8" "str:/etc/passwd" "mz:URL|BODY|ARGS|$HEADERS_VAR:User-Agent|$HEADERS_VAR:Cookie" "msg:/etc/passwd in URI";
MainRule id:20000035 "s:$UWA:8" "str:/etc/shadow" "mz:URL|BODY|ARGS|$HEADERS_VAR:User-Agent|$HEADERS_VAR:Cookie" "msg:/etc/shadow in URI";
MainRule id:20000036 "s:$UWA:8" "str:/etc/hosts" "mz:URL|BODY|ARGS|$HEADERS_VAR:User-Agent|$HEADERS_VAR:Cookie" "msg:/etc/hosts in URI";
MainRule id:20000037 "s:$UWA:8" "str:/Windows/system.ini" "mz:URL|BODY|ARGS|$HEADERS_VAR:User-Agent|$HEADERS_VAR:Cookie" "msg:/Windows/system.ini in URI";
MainRule id:20000038 "s:$UWA:8" "rx:<!DOCTYPE(\s+)(%*\s*)([{}:.a-zA-Z0-9_-]*)(\s+)SYSTEM" "mz:BODY" "msg: possible XML/XXE-Exploitation atempt (Doctype)";
MainRule id:20000039 "s:$UWA:8" "str:http://http://" "mz:HEADERS" "msg:Abnormal double http:// in HTTP header";
MainRule id:20000040 "s:$UWA:8" "str:https://http://" "mz:HEADERS" "msg:Abnormal double http:// in HTTP header";
MainRule id:20000041 "s:$UWA:8" "str:http://https://" "mz:HEADERS" "msg:Abnormal double http:// in HTTP header";
MainRule id:20000042 "s:$UWA:8" "str:https://https://" "mz:HEADERS" "msg:Abnormal double http:// in HTTP header";
# ThinkPHP Remote Code Execution CVE-2018-20062
MainRule id:20000043 "s:$UWA:8" "str:index/\think\app/invokefunction" "mz:URL" "msg:CVE-2018-20062";
# AWS related files
MainRule id:20000044 "s:$UWA:8" "str:/.aws/" "mz:URL" "msg:AWS Credential Stealer";
# dot folders and files
MainRule id:20000045 "s:$UWA:8" "rx:/\.[^.]" "mz:URL" "msg:Access to dot folder or file";
# Exposed Microsoft Exchange
MainRule id:20000046 "s:$UWA:8" "str:autodiscover/autodiscover.json" "mz:URL" "msg:Exposed Microsoft Exchange";
MainRule id:20000047 "s:$UWA:8" "str:autodiscover/autodiscover.xml" "mz:URL" "msg:Exposed Microsoft Exchange";
MainRule id:20000048 "s:$UWA:8" "str:/auth.owa" "mz:URL" "msg:Exposed Microsoft Exchange";
# Ignition 2.5.1 Remote Code Execution CVE-2021-3129
MainRule id:20000049 "s:$UWA:8" "str:/_ignition/execute-solution" "mz:URL" "msg:CVE-2021-3129";
# CVE-2018-13379 path traversal vulnerability in Fortinet's FortiGate SSL VPN
# https://x.x.x.x/remote/fgt_lang?lang=/../../../..//////////dev/cmdb/sslvpn_websession
MainRule id:20000050 "s:$UWA:8" "str:/sslvpn_websession" "mz:ARGS|BODY|HEADERS" "msg:CVE-2018-13379";
# Exposed Apache Tomcat Administration Panel
MainRule id:20000051 "s:$UWA:8" "str:/manager/html" "mz:URL" "msg:Exposed Apache Tomcat Administration Panel";
# Block NMAP enumeration
MainRule id:20000052 "s:$UWA:8" "str:/HNAP1" "mz:URL" "msg:NMAP enumeration attempt";
MainRule id:20000053 "s:$UWA:8" "rx:/default\.(asp|aspx|cfm|cgi|jsa|jsp|php|pl)$" "mz:URL" "msg:NMAP enumeration attempt";
MainRule id:20000054 "s:$UWA:8" "rx:/start\.(asp|aspx|cfm|cgi|jsa|jsp|php|pl)$" "mz:URL" "msg:NMAP enumeration attempt";
MainRule id:20000055 "s:$UWA:8" "rx:/localstart\.(asp|aspx|cfm|cgi|jsa|jsp|php|pl)$" "mz:URL" "msg:NMAP enumeration attempt";
MainRule id:20000056 "s:$UWA:8" "rx:/admin\.(asp|aspx|cfm|cgi|jsa|jsp|php|pl)$" "mz:URL" "msg:NMAP enumeration attempt";
MainRule id:20000057 "s:$UWA:8" "str:/nmaplowercheck" "mz:URL" "msg:NMAP enumeration attempt";
# Siemens PLC scan
MainRule id:20000058 "s:$UWA:8" "str:/__Additional" "mz:URL" "msg:Siemens PLC scan";
MainRule id:20000059 "s:$UWA:8" "str:/docs/cplugError.html/" "mz:URL" "msg:Siemens PLC scan";
MainRule id:20000060 "s:$UWA:8" "str:/Portal/Portal.mwsl" "mz:URL" "msg:Siemens PLC scan";
# Block Citrix XenApp
MainRule id:20000061 "s:$UWA:8" "str:/scripts/wpnbr.dll" "mz:URL" "msg:Citrix XenApp";
# Block jenkins authentication bypass CVE-2018-1000861
MainRule id:20000062 "s:$UWA:8" "str:/securityRealm/user/admin/search/index" "mz:URL" "msg:CVE-2018-1000861";
# Block jenkins RCE CVE-2019-1003029, CVE-2019-1003030
MainRule id:20000063 "s:$UWA:8" "str:/descriptorByName/org.jenkinsci.plugins.scriptsecurity.sandbox.groovy.SecureGroovyScript/checkScript/" "mz:URL" "msg:CVE-2019-1003029, CVE-2019-1003030";
# Log4J bypass
MainRule id:20000064 "s:$UWA:8" "str:${env:NaN:-" "mz:URL|ARGS|BODY|HEADERS" "msg:Attempted Log4J Bypass";
# Windows system paths
MainRule id:20000065 "s:$UWA:8" "str:\Windows\system.ini" "mz:URL|BODY|ARGS|$HEADERS_VAR:User-Agent|$HEADERS_VAR:Cookie" "msg:\Windows\system.ini in URI";
MainRule id:20000066 "s:$UWA:8" "str:/Windows/win.ini" "mz:URL|BODY|ARGS|$HEADERS_VAR:User-Agent|$HEADERS_VAR:Cookie" "msg:/Windows/win.ini in URI";
MainRule id:20000067 "s:$UWA:8" "str:\Windows\win.ini" "mz:URL|BODY|ARGS|$HEADERS_VAR:User-Agent|$HEADERS_VAR:Cookie" "msg:\Windows\win.ini in URI";
# Exposed Apache Host Manager App
MainRule id:20000068 "s:$UWA:8" "str:/manager/text/list" "mz:URL" "msg:Exposed Apache Host Manager App";
# Spring Cloud Gateway Code Injection Vulnerability
MainRule id:20000069 "s:$UWA:8" "str:/actuator/gateway/routes" "mz:URL" "msg:CVE-2022-22947";
# Block Spring4Shell
MainRule id:20000070 "s:$UWA:8" "str:class.module.classLoader.resources." "mz:RAW_BODY" "msg:CVE-2022-22965";
MainRule id:20000071 "s:$UWA:8" "rx:<%|%>" "mz:HEADERS" "msg:CVE-2022-22965";
# Block Microsoft Exchange Server Remote Code Execution
MainRule id:20000072 "s:$UWA:8" "str:/ecp/Current/exporttool/microsoft.exchange.ediscovery.exporttool.application" "mz:URL" "msg:CVE-2021-28481";
# Prevents IndoXploit/IDX Shell dump access
# A website that has been infected will have a world-browsable folder called `idx_config`
# which contains text versions of the configuration file of every CMS installation the shell
# is able to find (impacts WordPress, Joomla and Magento).
MainRule id:20000073 "s:$UWA:8" "str:/idx_config" "mz:URL" "msg:Prevent IndoXploit/IDX Shell dump access";
# Prevents old grafana to return all folders
# https://github.com/grafana/grafana/pull/44175
MainRule id:20000074 "s:$UWA:8" "rx:^0$" "mz:$URL:/api/search|$ARGS_VAR:folderIds" "msg:Access all grafana folders";
# Block access to yaml files
MainRule id:20000075 "s:$UWA:8" "str:.yml" "mz:URL" "msg:file access to .yml";
MainRule id:20000076 "s:$UWA:8" "str:.yaml" "mz:URL" "msg:file access to .yaml";
# Block access to HashiCorp Consul/Vault template files
MainRule id:20000077 "s:$UWA:8" "rx:\.ctmpl$" "mz:URL" "msg:file access to .ctmpl";
MainRule id:20000078 "s:$UWA:8" "rx:\.hcl$" "mz:URL" "msg:file access to .hcl";
# Block access to known files used for fingerprinting
MainRule id:20000079 "s:$UWA:8" "rx:\.md$" "mz:URL" "msg:file access to .md";
MainRule id:20000080 "s:$UWA:8" "rx:read[-_]?me" "mz:URL" "msg:file access to readme";
MainRule id:20000081 "s:$UWA:8" "rx:\.toml$" "mz:URL" "msg:file access to .toml";
# AWS related files
MainRule id:20000082 "s:$UWA:8" "str:dockerrun.aws.json" "mz:URL" "msg:Exposed AWS Elastic Beanstalk configuration";
# Block access to temporary backup files like .bak,.bak.php, etc...
MainRule id:20000083 "s:$UWA:8" "str:.bak" "mz:URL" "msg:file access to temporary backup files";
# Path traversal in nuxt/framework when in dev mode
# https://huntr.dev/bounties/4849af83-450c-435e-bc0b-71705f5be440/
MainRule id:20000084 "s:$UWA:8" "str:_nuxt/@" "mz:URL" "msg:path traversal in nuxt framework";
# AWS NodeJS related files
MainRule id:20000085 "s:$UWA:8" "str:awsconfig" "mz:URL" "msg:Exposed AWS config files";
MainRule id:20000086 "s:$UWA:8" "str:aws-config" "mz:URL" "msg:Exposed AWS config files";
MainRule id:20000087 "s:$UWA:8" "str:awscred" "mz:URL" "msg:Exposed AWS config files";
MainRule id:20000088 "s:$UWA:8" "str:aws-cred" "mz:URL" "msg:Exposed AWS config files";
# Text editors temp and config files
MainRule id:20000089 "s:$UWA:8" "str:.old" "mz:URL" "msg:Exposed temp copy";
MainRule id:20000090 "s:$UWA:8" "str:.save" "mz:URL" "msg:Exposed temp copy";
MainRule id:20000091 "s:$UWA:8" "str:.DS_Store" "mz:URL" "msg:Exposed temp copy";
MainRule id:20000092 "s:$UWA:8" "str:vscode" "mz:URL" "msg:Exposed vscode directory";
# Exposed .env
MainRule id:20000093 "s:$UWA:8" "str:/.env" "mz:URL" "msg:access to .env file or dir";
# androxgh0st exploit
MainRule id:20000094 "s:$UWA:8" "str:androxgh0st" "mz:ANY" "msg:androxgh0st exploit";

16
containers/conf/angie/naxsi_rules/blocking/blocking/30000000_wordpress.rules Normal file
View file

@ -0,0 +1,16 @@
#######################################
## Wordpress ids: 30000000 ##
#######################################
MainRule id:30000000 "s:$UWA:8" "str:system.multicall" "mz:$URL:/xmlrpc.php|BODY" "msg:Wordpress XMLRPC possible Password Brute Force";
MainRule id:30000001 "s:$UWA:8" "str:system.listmethods" "mz:$URL:/xmlrpc.php|BODY" "msg:WordPress XMLRPC Enumeration system.listMethods";
MainRule id:30000002 "s:$UWA:8" "str:system.getcapabilities" "mz:$URL:/xmlrpc.php|BODY" "msg:WordPress XMLRPC Enumeration system.getCapabilities";
MainRule id:30000003 "s:$UWA:8" "str:/w3tc/dbcache" "mz:URL" "msg:WordPress TotalCache-DBCache-Access";
MainRule id:30000004 "s:$UWA:8" "str:/uploadify/uploadify.php" "mz:URL" "msg:WordPress Uploadify-Access";
MainRule id:30000005 "s:$UWA:8" "str:/wp-content/plugins/mm-forms-community/upload/temp/" "mz:URL" "msg:Access To mm-forms-community upload dir";
MainRule id:30000006 "s:$UWA:8" "str:wp-config.php" "mz:BODY|ARGS|URL" "msg:WordPress access to wp-config.php";
# block malicious access ALFA_DATA|alfacgiapi|cgialfa path
MainRule id:30000007 "s:$UWA:8" "str:ALFA_DATA" "mz:URL" "msg:WordPress malicious access to ALFA_DATA path";
MainRule id:30000008 "s:$UWA:8" "str:alfacgiapi" "mz:URL" "msg:WordPress malicious access to alfacgiapi path";
MainRule id:30000009 "s:$UWA:8" "str:cgialfa" "mz:URL" "msg:WordPress malicious access to cgialfa path";

66
containers/conf/angie/naxsi_rules/blocking/blocking/40000000_php_security.rules Normal file
View file

@ -0,0 +1,66 @@
#######################################
## PHP Security ids: 40000000 ##
#######################################
# Php Functions
MainRule id:40000000 "s:$UWA:8" "str:gzinflate(" "mz:URL|BODY|ARGS" "msg:gzinflate in URI";
MainRule id:40000001 "s:$UWA:8" "str:system(" "mz:URL|BODY|ARGS" "msg:php system called";
MainRule id:40000002 "s:$UWA:8" "str:base64_decode(" "mz:URL|BODY|ARGS" "msg:php base64_decode called";
MainRule id:40000003 "s:$UWA:8" "str:@eval" "mz:URL|BODY|ARGS" "msg:php eval called";
MainRule id:40000004 "s:$UWA:8" "rx:eval\((\s+)?\$_" "mz:URL|BODY|ARGS" "msg:php eval called";
# PhpMyAdmin
MainRule id:40000005 "s:$UWA:8" "str:/db-admin" "mz:URL" "msg:SQL Admin Interface";
MainRule id:40000006 "s:$UWA:8" "str:/dbadmin" "mz:URL" "msg:SQL Admin Interface";
MainRule id:40000007 "s:$UWA:8" "str:/myadmin" "mz:URL" "msg:SQL Admin Interface";
MainRule id:40000008 "s:$UWA:8" "str:/mysqldumper " "mz:URL" "msg:MysqlDumper";
MainRule id:40000009 "s:$UWA:8" "str:/mysqlmanager" "mz:URL" "msg:SQL Admin Interface";
MainRule id:40000010 "s:$UWA:8" "str:/p/m/a/" "mz:URL" "msg:SQL Admin Interface";
MainRule id:40000011 "s:$UWA:8" "str:/php-my-admin" "mz:URL" "msg:SQL Admin Interface";
MainRule id:40000012 "s:$UWA:8" "str:/php-myadmin" "mz:URL" "msg:SQL Admin Interface";
MainRule id:40000013 "s:$UWA:8" "str:/phpmanager" "mz:URL" "msg:SQL Admin Interface";
MainRule id:40000014 "s:$UWA:8" "str:/phpmy" "mz:URL" "msg:SQL Admin Interface";
MainRule id:40000015 "s:$UWA:8" "str:/phpmy-admin" "mz:URL" "msg:SQL Admin Interface";
MainRule id:40000016 "s:$UWA:8" "str:/phpmyadmin" "mz:URL" "msg:SQL Admin Interface";
MainRule id:40000017 "s:$UWA:8" "str:/phppgadmin " "mz:URL" "msg:SQL Admin Interface";
MainRule id:40000018 "s:$UWA:8" "str:/pma" "mz:URL" "msg:SQL Admin Interface";
MainRule id:40000019 "s:$UWA:8" "str:/sql-admin" "mz:URL" "msg:SQL Admin Interface";
MainRule id:40000020 "s:$UWA:8" "str:/sqladmin" "mz:URL" "msg:SQL Admin Interface";
MainRule id:40000021 "s:$UWA:8" "str:/sqlweb" "mz:URL" "msg:SQL Admin Interface";
MainRule id:40000022 "s:$UWA:8" "str:/sysadmin" "mz:URL" "msg:SQL Admin Interface";
MainRule id:40000023 "s:$UWA:8" "str:/webadmin" "mz:URL" "msg:SQL Admin Interface";
MainRule id:40000024 "s:$UWA:8" "str:/webdb" "mz:URL" "msg:SQL Admin Interface";
MainRule id:40000025 "s:$UWA:8" "str:/websql" "mz:URL" "msg:SQL Admin Interface";
# Block PHPUnit eval-stdin.php CVE-2017-9841
MainRule id:40000026 "s:$UWA:8" "str:eval-stdin.php" "mz:URL" "msg:CVE-2017-9841";
# Block PHP easter egg which normally can be disabled via expose_php = off
MainRule id:40000027 "s:$UWA:8" "rx:PHP[0-9a-f]{8}-[0-9a-f]{4}-[0-9a-f]{4}-[0-9a-f]{4}-[0-9a-f]{12}$" "mz:URL|BODY|ARGS" "msg:PHP easter egg credits";
# Block PHP Xdebug
MainRule id:40000028 "s:$UWA:8" "str:XDEBUG_SESSION" "mz:ANY" "msg:Block PHP Xdebug";
# Block PHPinfo access
MainRule id:40000029 "s:$UWA:8" "str:phpinfo" "mz:URL|BODY|ARGS" "msg:PHPinfo access";
# Block known php installer exploit
MainRule id:40000030 "s:$UWA:8" "str:install.php" "mz:URL" "msg:Access to php install";
# Block more sql admin interface
MainRule id:40000031 "s:$UWA:8" "str:/mysql-admin" "mz:URL" "msg:SQL Admin Interface";
MainRule id:40000032 "s:$UWA:8" "str:/mysqladmin" "mz:URL" "msg:SQL Admin Interface";
MainRule id:40000033 "s:$UWA:8" "str:/sqlmanager" "mz:URL" "msg:SQL Admin Interface";
MainRule id:40000034 "s:$UWA:8" "str:/mysql/" "mz:URL" "msg:SQL Admin Interface";
# Block access to Lavarel telescope since it allows to read logs and SQL queries
MainRule id:40000035 "s:$UWA:8" "str:/telescope/" "mz:URL" "msg:Access to Lavarel telescope";
# Block access to adminer/phpMinAdmin sql admin interface
MainRule id:40000036 "s:$UWA:8" "str:adminer" "mz:URL" "msg:SQL Admin Interface";
# Block access to Symfony Web Framework dev mode.
MainRule id:40000037 "s:$UWA:8" "str:app_dev" "mz:URL" "msg:Symfony Web Framework dev mode";
# phpstorm in request
MainRule id:40000038 "s:$UWA:8" "str:phpstorm" "mz:URL|ARGS|HEADERS" "msg:phpstorm in request";

15
containers/conf/angie/naxsi_rules/blocking/blocking/50000000_sql_injection.rules Normal file
View file

@ -0,0 +1,15 @@
#######################################
## SQL Injection ids: 50000000 ##
#######################################
# Transact-SQL General Extended Stored Procedures
# https://docs.microsoft.com/en-us/sql/relational-databases/system-stored-procedures/general-extended-stored-procedures-transact-sql
MainRule id:50000000 "s:$SQL:8" "rx:xp_(cmdshell|enumgroups|grantlogin|logevent|loginconfig|logininfo|msver|revokelogin|sprintf|sqlmaint|sscanf)" "mz:BODY|HEADERS|ARGS|URL" "msg:Transact-SQL GESP";
# Classic SQL injection
MainRule id:50000001 "s:$SQL:8" "rx:(CHAR|CONCAT|CONCAT_WS)\([0-9a-fx,]+\)" "mz:BODY|HEADERS|ARGS|URL" "msg:SQL Injection";
MainRule id:50000002 "s:$SQL:8" "rx:SLEEP(\s+)?\(" "mz:BODY|HEADERS|ARGS|URL" "msg:SQL Injection";
MainRule id:50000003 "s:$SQL:8" "rx:\bBENCHMARK\b\([0-9,]+.+\)" "mz:BODY|HEADERS|ARGS|URL" "msg:SQL Injection";
MainRule id:50000004 "s:$SQL:8" "rx:\b(UNION|INFORMATION_SCHEMA)\b.*(#|--|\*)" "mz:BODY|HEADERS|ARGS|URL" "msg:SQL Injection";
MainRule id:50000005 "s:$SQL:8" "rx:(MD\d|SHA\d+)(\s+)?\(" "mz:BODY|HEADERS|ARGS|URL" "msg:SQL Injection";
MainRule id:50000006 "s:$SQL:8" "rx:DBMS_PIPE|RECEIVE_MESSAGE|WAITFOR|DELAY" "mz:BODY|HEADERS|ARGS|URL" "msg:SQL Injection";

95
containers/conf/angie/naxsi_rules/naxsi_core.rules Normal file
View file

@ -0,0 +1,95 @@
##################################
## INTERNAL RULES IDS:1-999 ##
##################################
#@MainRule "msg:weird request, unable to parse" id:1;
#@MainRule "msg:request too big, stored on disk and not parsed" id:2;
#@MainRule "msg:invalid hex encoding, null bytes" id:10;
#@MainRule "msg:unknown content-type" id:11;
#@MainRule "msg:invalid formatted url" id:12;
#@MainRule "msg:invalid POST format" id:13;
#@MainRule "msg:invalid POST boundary" id:14;
#@MainRule "msg:invalid JSON" id:15;
#@MainRule "msg:empty POST" id:16;
#@MainRule "msg:libinjection_sql" id:17;
#@MainRule "msg:libinjection_xss" id:18;
#@MainRule "msg:no generic rules" id:19;
#@MainRule "msg:bad utf8" id:20;
#@MainRule "msg:illegal host header" id:21;
##################################
## SQL Injections IDs:1000-1099 ##
##################################
MainRule "rx:select|union|update|delete|insert|table|from|ascii|hex|unhex|drop|load_file|substr|group_concat|dumpfile|bigint" "msg:sql keywords" "mz:BODY|URL|ARGS|$HEADERS_VAR:Cookie" "s:$SQL:4" id:1000;
MainRule "str:\"" "msg:double quote" "mz:BODY|URL|ARGS|$HEADERS_VAR:Cookie" "s:$SQL:8,$XSS:8" id:1001;
MainRule "str:0x" "msg:0x, possible hex encoding" "mz:BODY|URL|ARGS|$HEADERS_VAR:Cookie" "s:$SQL:2" id:1002;
## Hardcore rules
MainRule "str:/*" "msg:mysql comment (/*)" "mz:BODY|URL|ARGS|$HEADERS_VAR:Cookie" "s:$SQL:8" id:1003;
MainRule "str:*/" "msg:mysql comment (*/)" "mz:BODY|URL|ARGS|$HEADERS_VAR:Cookie" "s:$SQL:8" id:1004;
MainRule "str:|" "msg:mysql keyword (|)" "mz:BODY|URL|ARGS|$HEADERS_VAR:Cookie" "s:$SQL:8" id:1005;
MainRule "str:&&" "msg:mysql keyword (&&)" "mz:BODY|URL|ARGS|$HEADERS_VAR:Cookie" "s:$SQL:8" id:1006;
## end of hardcore rules
MainRule "str:--" "msg:mysql comment (--)" "mz:BODY|URL|ARGS|$HEADERS_VAR:Cookie" "s:$SQL:4" id:1007;
MainRule "str:;" "msg:semicolon" "mz:BODY|URL|ARGS" "s:$SQL:4,$XSS:8" id:1008;
MainRule "str:=" "msg:equal sign in var, probable sql/xss" "mz:ARGS|BODY" "s:$SQL:2" id:1009;
MainRule "str:(" "msg:open parenthesis, probable sql/xss" "mz:ARGS|URL|BODY|$HEADERS_VAR:Cookie" "s:$SQL:4,$XSS:8" id:1010;
MainRule "str:)" "msg:close parenthesis, probable sql/xss" "mz:ARGS|URL|BODY|$HEADERS_VAR:Cookie" "s:$SQL:4,$XSS:8" id:1011;
MainRule "str:'" "msg:simple quote" "mz:ARGS|BODY|URL|$HEADERS_VAR:Cookie" "s:$SQL:4,$XSS:8" id:1013;
MainRule "str:," "msg:comma" "mz:BODY|URL|ARGS|$HEADERS_VAR:Cookie" "s:$SQL:4" id:1015;
MainRule "str:#" "msg:mysql comment (#)" "mz:BODY|URL|ARGS|$HEADERS_VAR:Cookie" "s:$SQL:4" id:1016;
MainRule "str:@@" "msg:double arobase (@@)" "mz:BODY|URL|ARGS|$HEADERS_VAR:Cookie" "s:$SQL:4" id:1017;
MainRule "rx:::json|to_json|jsonb?_build|jsonb?_object|jsonb?_each|jsonb?_extract|jsonb?_typeof|jsonb?_array|jsonb_set|json_query|json_keys" "msg:json functions and operators" "mz:BODY|URL|ARGS|$HEADERS_VAR:Cookie" "s:$SQL:8" id:1018;
###############################
## OBVIOUS RFI IDs:1100-1199 ##
###############################
MainRule "str:http://" "msg:http:// scheme" "mz:ARGS|BODY|$HEADERS_VAR:Cookie" "s:$RFI:8" id:1100;
MainRule "str:https://" "msg:https:// scheme" "mz:ARGS|BODY|$HEADERS_VAR:Cookie" "s:$RFI:8" id:1101;
MainRule "str:ftp://" "msg:ftp:// scheme" "mz:ARGS|BODY|$HEADERS_VAR:Cookie" "s:$RFI:8" id:1102;
MainRule "str:php://" "msg:php:// scheme" "mz:ARGS|BODY|$HEADERS_VAR:Cookie" "s:$RFI:8" id:1103;
MainRule "str:sftp://" "msg:sftp:// scheme" "mz:ARGS|BODY|$HEADERS_VAR:Cookie" "s:$RFI:8" id:1104;
MainRule "str:zlib://" "msg:zlib:// scheme" "mz:ARGS|BODY|$HEADERS_VAR:Cookie" "s:$RFI:8" id:1105;
MainRule "str:data://" "msg:data:// scheme" "mz:ARGS|BODY|$HEADERS_VAR:Cookie" "s:$RFI:8" id:1106;
MainRule "str:glob://" "msg:glob:// scheme" "mz:ARGS|BODY|$HEADERS_VAR:Cookie" "s:$RFI:8" id:1107;
MainRule "str:phar://" "msg:phar:// scheme" "mz:ARGS|BODY|$HEADERS_VAR:Cookie" "s:$RFI:8" id:1108;
MainRule "str:file://" "msg:file:// scheme" "mz:ARGS|BODY|$HEADERS_VAR:Cookie" "s:$RFI:8" id:1109;
MainRule "str:gopher://" "msg:gopher:// scheme" "mz:ARGS|BODY|$HEADERS_VAR:Cookie" "s:$RFI:8" id:1110;
MainRule "str:zip://" "msg:zip:// scheme" "mz:ARGS|BODY|$HEADERS_VAR:Cookie" "s:$RFI:8" id:1111;
MainRule "str:expect://" "msg:expect:// scheme" "mz:ARGS|BODY|$HEADERS_VAR:Cookie" "s:$RFI:8" id:1112;
MainRule "str:input://" "msg:input:// scheme" "mz:ARGS|BODY|$HEADERS_VAR:Cookie" "s:$RFI:8" id:1113;
#######################################
## Directory traversal IDs:1200-1299 ##
#######################################
MainRule "str:.." "msg:double dot" "mz:ARGS|URL|BODY|$HEADERS_VAR:Cookie" "s:$TRAVERSAL:4" id:1200;
MainRule "str:/etc/passwd" "msg:obvious probe" "mz:ARGS|URL|BODY|$HEADERS_VAR:Cookie" "s:$TRAVERSAL:4" id:1202;
MainRule "str:c:\\" "msg:obvious windows path" "mz:ARGS|URL|BODY|$HEADERS_VAR:Cookie" "s:$TRAVERSAL:4" id:1203;
MainRule "str:cmd.exe" "msg:obvious probe" "mz:ARGS|URL|BODY|$HEADERS_VAR:Cookie" "s:$TRAVERSAL:4" id:1204;
MainRule "str:\\" "msg:backslash" "mz:ARGS|URL|BODY|$HEADERS_VAR:Cookie" "s:$TRAVERSAL:4" id:1205;
#MainRule "str:/" "msg:slash in args" "mz:ARGS|BODY|$HEADERS_VAR:Cookie" "s:$TRAVERSAL:2" id:1206;
MainRule "str:/..;/" "msg:dir traversal bypass" "mz:ARGS|URL|BODY|$HEADERS_VAR:Cookie" "s:$TRAVERSAL:2" id:1207;
MainRule "str:/.;/" "msg:dir traversal bypass" "mz:ARGS|URL|BODY|$HEADERS_VAR:Cookie" "s:$TRAVERSAL:4" id:1208;
MainRule "str:/.%2e/" "msg:dir traversal bypass" "mz:ARGS|URL|BODY|$HEADERS_VAR:Cookie" "s:$TRAVERSAL:4" id:1209;
MainRule "str:/%2e./" "msg:dir traversal bypass" "mz:ARGS|URL|BODY|$HEADERS_VAR:Cookie" "s:$TRAVERSAL:4" id:1210;
########################################
## Cross Site Scripting IDs:1300-1399 ##
########################################
MainRule "str:<" "msg:html open tag" "mz:ARGS|URL|BODY|$HEADERS_VAR:Cookie" "s:$XSS:8" id:1302;
MainRule "str:>" "msg:html close tag" "mz:ARGS|URL|BODY|$HEADERS_VAR:Cookie" "s:$XSS:8" id:1303;
MainRule "str:[" "msg:open square backet ([), possible js" "mz:BODY|URL|ARGS|$HEADERS_VAR:Cookie" "s:$XSS:4" id:1310;
MainRule "str:]" "msg:close square bracket (]), possible js" "mz:BODY|URL|ARGS|$HEADERS_VAR:Cookie" "s:$XSS:4" id:1311;
MainRule "str:~" "msg:tilde (~) character" "mz:BODY|URL|ARGS|$HEADERS_VAR:Cookie" "s:$XSS:4" id:1312;
MainRule "str:`" "msg:grave accent (`)" "mz:ARGS|URL|BODY|$HEADERS_VAR:Cookie" "s:$XSS:8" id:1314;
MainRule "rx:%[23]." "msg:double encoding" "mz:ARGS|URL|BODY|$HEADERS_VAR:Cookie" "s:$XSS:8" id:1315;
####################################
## Evading tricks IDs: 1400-1500 ##
####################################
MainRule "str:&#" "msg:utf7/8 encoding" "mz:ARGS|BODY|URL|$HEADERS_VAR:Cookie" "s:$EVADE:4" id:1400;
MainRule "str:%U" "msg:M$ encoding" "mz:ARGS|BODY|URL|$HEADERS_VAR:Cookie" "s:$EVADE:4" id:1401;
#############################
## File uploads: 1500-1600 ##
#############################
MainRule "rx:\.ph|\.asp|\.ht|\.jsp" "msg:asp/php/jsp/htaccess file upload" "mz:FILE_EXT" "s:$UPLOAD:8" id:1500;
MainRule "rx:^[\.a-z0-9_\- ]+$" negative "msg:uploaded filename contains non-printable ascii chars" "mz:FILE_EXT" "s:$UPLOAD:8" id:1501;

7
containers/conf/angie/naxsi_rules/whitelists/dokuwiki.rules Normal file
View file

@ -0,0 +1,7 @@
# DokuWiki rules
BasicRule wl:1015 "mz:$BODY_VAR:usergroups";
BasicRule wl:0 "mz:$BODY_VAR:wikitext";
BasicRule wl:0 "mz:$BODY_VAR:summary";
BasicRule wl:0 "mz:$BODY_VAR:prefix";
BasicRule wl:0 "mz:$BODY_VAR:suffix";

61
containers/conf/angie/naxsi_rules/whitelists/drupal.rules Normal file
View file

@ -0,0 +1,61 @@
####################################
## Drupal whitelists ALPHA ##
####################################
# some url patterns
BasicRule wl:1000 "mz:$URL:/modules/update/update.css|URL";
BasicRule wl:1000 "mz:$URL:/misc/tableselect.js|URL";
BasicRule wl:1000 "mz:$URL:/modules/contextual/images/gear-select.png|URL|$HEADERS_VAR:cookie";
BasicRule wl:1000 "mz:$URL:/misc/ui/jquery.ui.sortable.min.js|URL|$HEADERS_VAR:cookie";
BasicRule wl:1000 "mz:$URL:/misc/tableheader.js|URL|$HEADERS_VAR:cookie";
BasicRule wl:1000 "mz:$URL:/misc/tabledrag.js|URL|$HEADERS_VAR:cookie";
# bad keywords in posts etc (update etc)
BasicRule wl:1000 "mz:$URL:/|$BODY_VAR:comment_confirm_delete|NAME";
BasicRule wl:1000 "mz:$URL:/|$ARGS_VAR:q";
BasicRule wl:1000 "mz:$URL:/|$BODY_VAR:form_id";
BasicRule wl:1000 "mz:$URL:/|$HEADERS_VAR:cookie";
BasicRule wl:1010 "mz:$URL:/|$ARGS_VAR:date";
# XSS because of [ and ] in POST variables
BasicRule wl:1310,1311 "mz:$URL:/|$BODY_VAR_X:^body|NAME";
BasicRule wl:1310,1311 "mz:$URL:/|$BODY_VAR_X:^menu|NAME";
BasicRule wl:1310,1311 "mz:$URL:/|$BODY_VAR_X:^path|NAME";
BasicRule wl:1310,1311 "mz:$URL:/|$BODY_VAR_X:^comment_body|NAME";
BasicRule wl:1310,1311 "mz:$URL:/|$BODY_VAR_X:^field_|NAME";
BasicRule wl:1310,1311 "mz:$URL:/|$BODY_VAR_X:^type|NAME";
BasicRule wl:1310,1311 "mz:$URL:/|$BODY_VAR_X:^modules|NAME";
BasicRule wl:1310,1311 "mz:$URL:/|$BODY_VAR_X:^blocks|NAME";
BasicRule wl:1310,1311 "mz:$URL:/|$BODY_VAR_X:^palette|NAME";
BasicRule wl:1310,1311 "mz:$URL:/|$BODY_VAR_X:^regions|NAME";
BasicRule wl:1310,1311 "mz:$URL:/|$BODY_VAR_X:^roles|NAME";
BasicRule wl:1310,1311 "mz:$URL:/|$BODY_VAR_X:^fields|NAME";
BasicRule wl:1310,1311 "mz:$URL:/|$ARGS_VAR_X:^destination|NAME";
BasicRule wl:1310,1311 "mz:$URL:/|$BODY_VAR_X:^filter|NAME";
BasicRule wl:1310,1311 "mz:$URL:/|$BODY_VAR_X:^search_active_modules|NAME";
BasicRule wl:1310,1311 "mz:$URL:/|$BODY_VAR_X:^shortcuts|NAME";
BasicRule wl:1310,1311 "mz:$URL:/|$BODY_VAR_X:^formats|NAME";
BasicRule wl:1310,1311 "mz:$URL:/|$BODY_VAR:status";
BasicRule wl:1310,1311 "mz:$URL:/|$BODY_VAR:role";
BasicRule wl:1310,1311 "mz:$URL:/|$BODY_VAR:permission";
BasicRule wl:1310,1311 "mz:$URL:/|$BODY_VAR:type";
# update module
BasicRule wl:16 "mz:$URL:/|BODY";
# user mail
BasicRule wl:1007,1010,1011,1013,1015,1310,1311 "mz:$URL:/|$BODY_VAR_X:^user_mail";
# other stuff
BasicRule wl:1007 "mz:$URL:/|$BODY_VAR:form_build_id";
BasicRule wl:1007 "mz:$URL:/|$BODY_VAR:menu[parent]";
BasicRule wl:1007 "mz:$URL:/|$BODY_VAR:form_token";
BasicRule wl:1007 "mz:$URL:/|$BODY_VAR:additional_settings__active_tab";
BasicRule wl:1007 "mz:$URL:/|$BODY_VAR:date";
BasicRule wl:1302,1303 "mz:$URL:/|$BODY_VAR_X:^filters";
BasicRule wl:1010,1011 "mz:$URL:/|$BODY_VAR:actions_label";
BasicRule wl:1015 "mz:$URL:/|$BODY_VAR:date_format_long";
BasicRule wl:1009,1016 "mz:$URL:/|$ARGS_VAR:destination";
BasicRule wl:1016 "mz:$URL:/|$BODY_VAR_X:^palette";

7
containers/conf/angie/naxsi_rules/whitelists/etherpad-lite.rules Normal file
View file

@ -0,0 +1,7 @@
# Etherpad: Really real-time collaborative document editing http://etherpad.org
BasicRule wl:1001,1008,1010,1011,1013,1015,1101 "mz:$URL:/jserror|$BODY_VAR:errorinfo";
BasicRule wl:2 "mz:$URL_X:^/p/.*/import$|BODY";
BasicRule wl:1311 "mz:$URL_X:^/p/.*]$|URL";
BasicRule wl:1007 "mz:URL";
BasicRule wl:1315 "mz:$HEADERS_VAR:cookie";
BasicRule wl:11 "mz:$URL:/socket.io/|BODY";

10
containers/conf/angie/naxsi_rules/whitelists/iris.rules Normal file
View file

@ -0,0 +1,10 @@
# Web IRC client Iris for the atheme platform https://github.com/atheme-legacy/iris
### Allowed chars in the URI of WebChat Wizard "custom link" or "embed"
BasicRule wl:1000,1315 "mz:$HEADERS_VAR:cookie";
BasicRule wl:1015 "mz:$ARGS_VAR:channels";
BasicRule wl:1000,1002,1005,1007,1013,1200,1205,1310,1311,1314 "mz:$ARGS_VAR:nick";
BasicRule wl:1000,1005,1008,1013,1015,1200,1205 "mz:$URL:/|ARGS";
### Allowed chars in Chat and Private
BasicRule wl:0 "mz:$URL:/e/p|$BODY_VAR:c";
### Allowed chars in nick same as are allowed in IRCD
BasicRule wl:1000,1002,1005,1007,1205,1310,1311,1314 "mz:$URL:/e/n|$BODY_VAR:nick";

10
containers/conf/angie/naxsi_rules/whitelists/rutorrent.rules Normal file
View file

@ -0,0 +1,10 @@
BasicRule wl:1005,1010,1011,1315 "mz:$HEADERS_VAR:cookie";
BasicRule wl:1402 "mz:$HEADERS_VAR:content-type";
BasicRule wl:11 "mz:$URL:/rutorrent/php/setsettings.php|BODY";
BasicRule wl:11 "mz:$URL:/rutorrent/php/getsettings.php|BODY";
BasicRule wl:1000,1001,1015,1310,1311 "mz:$BODY_VAR:v";
BasicRule wl:1005,1008 "mz:$BODY_VAR:cookie";
BasicRule wl:1000,1100,1101,1315 "mz:$BODY_VAR:url";
BasicRule wl:1310,1311 "mz:$URL:/rutorrent/php/addtorrent.php|$ARGS_VAR:result[]|NAME";
BasicRule wl:1000,1100,1101 "mz:$ARGS_VAR:name[]";
BasicRule wl:1310,1311 "mz:$URL:/rutorrent/php/addtorrent.php|$ARGS_VAR:name[]|NAME";

7
containers/conf/angie/naxsi_rules/whitelists/whitelists/dokuwiki.rules Normal file
View file

@ -0,0 +1,7 @@
# DokuWiki rules
BasicRule wl:1015 "mz:$BODY_VAR:usergroups";
BasicRule wl:0 "mz:$BODY_VAR:wikitext";
BasicRule wl:0 "mz:$BODY_VAR:summary";
BasicRule wl:0 "mz:$BODY_VAR:prefix";
BasicRule wl:0 "mz:$BODY_VAR:suffix";

61
containers/conf/angie/naxsi_rules/whitelists/whitelists/drupal.rules Normal file
View file

@ -0,0 +1,61 @@
####################################
## Drupal whitelists ALPHA ##
####################################
# some url patterns
BasicRule wl:1000 "mz:$URL:/modules/update/update.css|URL";
BasicRule wl:1000 "mz:$URL:/misc/tableselect.js|URL";
BasicRule wl:1000 "mz:$URL:/modules/contextual/images/gear-select.png|URL|$HEADERS_VAR:cookie";
BasicRule wl:1000 "mz:$URL:/misc/ui/jquery.ui.sortable.min.js|URL|$HEADERS_VAR:cookie";
BasicRule wl:1000 "mz:$URL:/misc/tableheader.js|URL|$HEADERS_VAR:cookie";
BasicRule wl:1000 "mz:$URL:/misc/tabledrag.js|URL|$HEADERS_VAR:cookie";
# bad keywords in posts etc (update etc)
BasicRule wl:1000 "mz:$URL:/|$BODY_VAR:comment_confirm_delete|NAME";
BasicRule wl:1000 "mz:$URL:/|$ARGS_VAR:q";
BasicRule wl:1000 "mz:$URL:/|$BODY_VAR:form_id";
BasicRule wl:1000 "mz:$URL:/|$HEADERS_VAR:cookie";
BasicRule wl:1010 "mz:$URL:/|$ARGS_VAR:date";
# XSS because of [ and ] in POST variables
BasicRule wl:1310,1311 "mz:$URL:/|$BODY_VAR_X:^body|NAME";
BasicRule wl:1310,1311 "mz:$URL:/|$BODY_VAR_X:^menu|NAME";
BasicRule wl:1310,1311 "mz:$URL:/|$BODY_VAR_X:^path|NAME";
BasicRule wl:1310,1311 "mz:$URL:/|$BODY_VAR_X:^comment_body|NAME";
BasicRule wl:1310,1311 "mz:$URL:/|$BODY_VAR_X:^field_|NAME";
BasicRule wl:1310,1311 "mz:$URL:/|$BODY_VAR_X:^type|NAME";
BasicRule wl:1310,1311 "mz:$URL:/|$BODY_VAR_X:^modules|NAME";
BasicRule wl:1310,1311 "mz:$URL:/|$BODY_VAR_X:^blocks|NAME";
BasicRule wl:1310,1311 "mz:$URL:/|$BODY_VAR_X:^palette|NAME";
BasicRule wl:1310,1311 "mz:$URL:/|$BODY_VAR_X:^regions|NAME";
BasicRule wl:1310,1311 "mz:$URL:/|$BODY_VAR_X:^roles|NAME";
BasicRule wl:1310,1311 "mz:$URL:/|$BODY_VAR_X:^fields|NAME";
BasicRule wl:1310,1311 "mz:$URL:/|$ARGS_VAR_X:^destination|NAME";
BasicRule wl:1310,1311 "mz:$URL:/|$BODY_VAR_X:^filter|NAME";
BasicRule wl:1310,1311 "mz:$URL:/|$BODY_VAR_X:^search_active_modules|NAME";
BasicRule wl:1310,1311 "mz:$URL:/|$BODY_VAR_X:^shortcuts|NAME";
BasicRule wl:1310,1311 "mz:$URL:/|$BODY_VAR_X:^formats|NAME";
BasicRule wl:1310,1311 "mz:$URL:/|$BODY_VAR:status";
BasicRule wl:1310,1311 "mz:$URL:/|$BODY_VAR:role";
BasicRule wl:1310,1311 "mz:$URL:/|$BODY_VAR:permission";
BasicRule wl:1310,1311 "mz:$URL:/|$BODY_VAR:type";
# update module
BasicRule wl:16 "mz:$URL:/|BODY";
# user mail
BasicRule wl:1007,1010,1011,1013,1015,1310,1311 "mz:$URL:/|$BODY_VAR_X:^user_mail";
# other stuff
BasicRule wl:1007 "mz:$URL:/|$BODY_VAR:form_build_id";
BasicRule wl:1007 "mz:$URL:/|$BODY_VAR:menu[parent]";
BasicRule wl:1007 "mz:$URL:/|$BODY_VAR:form_token";
BasicRule wl:1007 "mz:$URL:/|$BODY_VAR:additional_settings__active_tab";
BasicRule wl:1007 "mz:$URL:/|$BODY_VAR:date";
BasicRule wl:1302,1303 "mz:$URL:/|$BODY_VAR_X:^filters";
BasicRule wl:1010,1011 "mz:$URL:/|$BODY_VAR:actions_label";
BasicRule wl:1015 "mz:$URL:/|$BODY_VAR:date_format_long";
BasicRule wl:1009,1016 "mz:$URL:/|$ARGS_VAR:destination";
BasicRule wl:1016 "mz:$URL:/|$BODY_VAR_X:^palette";

7
containers/conf/angie/naxsi_rules/whitelists/whitelists/etherpad-lite.rules Normal file
View file

@ -0,0 +1,7 @@
# Etherpad: Really real-time collaborative document editing http://etherpad.org
BasicRule wl:1001,1008,1010,1011,1013,1015,1101 "mz:$URL:/jserror|$BODY_VAR:errorinfo";
BasicRule wl:2 "mz:$URL_X:^/p/.*/import$|BODY";
BasicRule wl:1311 "mz:$URL_X:^/p/.*]$|URL";
BasicRule wl:1007 "mz:URL";
BasicRule wl:1315 "mz:$HEADERS_VAR:cookie";
BasicRule wl:11 "mz:$URL:/socket.io/|BODY";

5
containers/conf/angie/naxsi_rules/whitelists/whitelists/generic.rules Normal file
View file

@ -0,0 +1,5 @@
# whitelist robots.txt
BasicRule wl:20000003 "mz:$URL:/robots.txt|URL";
# whitelist /.well-known/security.txt
BasicRule wl:20000003,20000045 "mz:$URL:/.well-known/security.txt|URL";

10
containers/conf/angie/naxsi_rules/whitelists/whitelists/iris.rules Normal file
View file

@ -0,0 +1,10 @@
# Web IRC client Iris for the atheme platform https://github.com/atheme-legacy/iris
### Allowed chars in the URI of WebChat Wizard "custom link" or "embed"
BasicRule wl:1000,1315 "mz:$HEADERS_VAR:cookie";
BasicRule wl:1015 "mz:$ARGS_VAR:channels";
BasicRule wl:1000,1002,1005,1007,1013,1200,1205,1310,1311,1314 "mz:$ARGS_VAR:nick";
BasicRule wl:1000,1005,1008,1013,1015,1200,1205 "mz:$URL:/|ARGS";
### Allowed chars in Chat and Private
BasicRule wl:0 "mz:$URL:/e/p|$BODY_VAR:c";
### Allowed chars in nick same as are allowed in IRCD
BasicRule wl:1000,1002,1005,1007,1205,1310,1311,1314 "mz:$URL:/e/n|$BODY_VAR:nick";

124
containers/conf/angie/naxsi_rules/whitelists/whitelists/jellyfin.rules Normal file
View file

@ -0,0 +1,124 @@
# Jellyfin rules
# global
BasicRule wl:2,11 "mz:BODY";
BasicRule wl:17 "mz:$HEADERS_VAR:accept";
BasicRule wl:1000 "mz:URL";
BasicRule wl:1000,1002 "mz:$HEADERS_VAR:cookie";
# /Users.*
BasicRule wl:1000,1015 "mz:$ARGS_VAR_X:^Fields$|$URL_X:^/Users.*$";
BasicRule wl:1000,1015 "mz:$ARGS_VAR_X:^EnableImageTypes$|$URL_X:^/Users.*$";
BasicRule wl:1000 "mz:$BODY_VAR_X:^RememberAudioSelections$|NAME|$URL_X:^/Users/[0-9a-f-]*.*$";
BasicRule wl:1000 "mz:$BODY_VAR_X:^RememberSubtitleSelections$|NAME|$URL_X:^/Users/[0-9a-f-]*.*$";
BasicRule wl:1015 "mz:$ARGS_VAR_X:^SortBy$|$URL_X:^/Users.*$";
BasicRule wl:1015 "mz:$ARGS_VAR_X:^Ids$|$URL_X:^/Users.*$";
BasicRule wl:1015 "mz:$ARGS_VAR_X:^MediaTypes$|$URL_X:^/Users.*$";
BasicRule wl:1015 "mz:$ARGS_VAR_X:^SortOrder$|$URL_X:^/Users/[0-9a-f-]*/Items$";
BasicRule wl:1015 "mz:$ARGS_VAR_X:^IncludeItemTypes$|$URL_X:^/Users/[0-9a-f-]*/Items$";
# /Users/authenticatebyname
BasicRule wl:1010,1011,1012,1302 "mz:$BODY_VAR:Pw|$URL:/Users/authenticatebyname";
# /UserItems/Resume
BasicRule wl:1015 "mz:$ARGS_VAR:fields|$URL:/UserItems/Resume";
# /Shows.*
BasicRule wl:1000,1015 "mz:$ARGS_VAR_X:^Fields$|$URL_X:^/Shows/[0-9a-f-]*/Seasons$";
BasicRule wl:1000,1015 "mz:$ARGS_VAR_X:^Fields$|$URL_X:^/Shows/[0-9a-f-]*/Episodes$";
BasicRule wl:1000,1015 "mz:$ARGS_VAR_X:^EnableImageTypes$|$URL_X:^/Shows/NextUp.*$";
BasicRule wl:1000,1015 "mz:$ARGS_VAR_X:^Fields$|$URL_X:^/Shows/NextUp.*$";
BasicRule wl:1000 "mz:$ARGS_VAR_X:^NextUpDateCutoff$|$URL_X:^/Shows/NextUp.*$";
BasicRule wl:1015 "mz:$ARGS_VAR:StartIndex|$URL:/Shows/NextUp?";
# /DisplayPreferences
BasicRule wl:15,1000,1001,1015,1101,1205 "mz:BODY|$URL:/DisplayPreferences/usersettings";
BasicRule wl:1000 "mz:$BODY_VAR_X:^chromecastVersion$|$URL_X:^/DisplayPreferences/[0-9a-f-]*$";
BasicRule wl:1000 "mz:$BODY_VAR_X:^ShowBackdrop$|NAME|$URL_X:^/DisplayPreferences/[0-9a-f-]*$";
BasicRule wl:1101 "mz:BODY|NAME|$URL:/DisplayPreferences/usersettings";
# /Items.*
BasicRule wl:17 "mz:$HEADERS_VAR_X:^accept$|$URL_X:^/Items/[0-9a-f-]*/.*$";
BasicRule wl:1000 "mz:URL|$URL_X:^/Items/[0-9a-f-]*/.*$";
BasicRule wl:1000 "mz:$ARGS_VAR_X:^inheritFromParent$|NAME|$URL_X:^/Items/[0-9a-f-]*/ThemeMedia$";
BasicRule wl:1000,1015 "mz:$ARGS_VAR_X:^Fields$|$URL_X:^/Items.*$";
BasicRule wl:1005 "mz:$BODY_VAR_X:^Value$|$URL_X:^/Items/[0-9a-f-]*/PlaybackInfo$";
BasicRule wl:1013,1100 "mz:$ARGS_VAR:searchTerm|$URL:/Items";
BasicRule wl:1015 "mz:$BODY_VAR_X:^VideoCodec$|$URL_X:^/Items/[0-9a-f-]*/PlaybackInfo$";
BasicRule wl:1015 "mz:$BODY_VAR_X:^AudioCodec$|$URL_X:^/Items/[0-9a-f-]*/PlaybackInfo$";
BasicRule wl:1015 "mz:$BODY_VAR_X:^Container$|$URL_X:^/Items/[0-9a-f-]*/PlaybackInfo$";
BasicRule wl:1015 "mz:$ARGS_VAR:ExcludeLocationTypes|$URL:/Items?";
BasicRule wl:1015 "mz:$ARGS_VAR:Fields|$URL:/Items?";
BasicRule wl:1015 "mz:$ARGS_VAR:Filters|$URL:/Items?";
BasicRule wl:1015 "mz:$ARGS_VAR:ImageTypes|$URL:/Items?";
BasicRule wl:1015 "mz:$ARGS_VAR:IncludeItemTypes|$URL:/Items?";
BasicRule wl:1015 "mz:$ARGS_VAR:Recursive|$URL:/Items?";
BasicRule wl:1015 "mz:$ARGS_VAR:SortBy|$URL:/Items?";
BasicRule wl:1015 "mz:$ARGS_VAR:SortOrder|$URL:/Items?";
# /Shows/Upcoming
BasicRule wl:1000,1015 "mz:$ARGS_VAR:EnableImageTypes|$URL:/Shows/Upcoming";
# /Movies/Recommendations
BasicRule wl:1000,1015 "mz:$ARGS_VAR:Fields|$URL:/Movies/Recommendations";
BasicRule wl:1000,1015 "mz:$ARGS_VAR:EnableImageTypes|$URL:/Movies/Recommendations";
# /System/Configuration
BasicRule wl:1013,1015 "mz:$BODY_VAR:SortRemoveCharacters|$URL:/System/Configuration";
BasicRule wl:1000 "mz:$BODY_VAR:LibraryUpdateDuration|$URL:/System/Configuration";
BasicRule wl:1000 "mz:$BODY_VAR:Name|$URL:/System/Configuration";
BasicRule wl:1101 "mz:$BODY_VAR:Url|$URL:/System/Configuration";
BasicRule wl:50000006 "mz:$BODY_VAR:LibraryMonitorDelay|$URL:/System/Configuration";
BasicRule wl:50000006 "mz:$BODY_VAR:ThrottleDelaySeconds|NAME|$URL:/System/Configuration/encoding";
# /System/Configuration/branding
BasicRule wl:1000,1001,1002,1003,1004,1008,1009,1010,1011,1015,1016,1205 "mz:$BODY_VAR:CustomCss|$URL:/System/Configuration/branding";
BasicRule wl:1302 "mz:$BODY_VAR:LoginDisclaimer|$URL:/System/Configuration/branding";
# /Sessions
BasicRule wl:1000 "mz:$BODY_VAR:EventName|$URL:/Sessions/Playing/Progress";
BasicRule wl:1000 "mz:$BODY_VAR:SupportedCommands|$URL:/Sessions/Capabilities";
BasicRule wl:1000 "mz:$BODY_VAR:SupportedCommands|$URL:/Sessions/Capabilities/Full";
BasicRule wl:1015 "mz:$BODY_VAR:AudioCodec|$URL:/Sessions/Capabilities/Full";
BasicRule wl:1015 "mz:$BODY_VAR:VideoCodec|$URL:/Sessions/Capabilities/Full";
BasicRule wl:1200 "mz:$HEADERS_VAR:cookie|$URL:/Sessions/Logout";
# Branding
BasicRule wl:1015 "mz:$BODY_VAR:Splashscreen|$URL:/Branding/Splashscreen";
# /Library
BasicRule wl:1005,1008,1205 "mz:$BODY_VAR:CustomTagDelimiters|$URL:/Library/VirtualFolders/LibraryOptions";
# /Playlists
BasicRule wl:1000,1015 "mz:$ARGS_VAR_X:^EnableImageTypes$|$URL_X:^/Playlists/[0-9a-f-]*/Items$";
BasicRule wl:1015 "mz:$ARGS_VAR_X:^Fields$|$URL_X:^/Playlists/[0-9a-f-]*/Items$";
# /SyncPlay
BasicRule wl:1013 "mz:$BODY_VAR:GroupName|$URL:/SyncPlay/New";
# /Videos.*
BasicRule wl:12 "mz:ARGS|$URL_X:^/videos/.*$";
BasicRule wl:17 "mz:$HEADERS_VAR_X:^accept$|$URL_X:^/Videos/.*$";
BasicRule wl:1015 "mz:ARGS|$URL_X:^/videos/.*$";
# /LiveTv
BasicRule wl:1000,1015 "mz:$ARGS_VAR:EnableImageTypes|$URL:/LiveTv/Programs/Recommended";
BasicRule wl:1015 "mz:$ARGS_VAR:Fields|$URL:/LiveTv/Programs";
BasicRule wl:1015 "mz:$ARGS_VAR:Fields|$URL:/LiveTv/Programs/Recommended";
# Playback Reporting Plugin
# /user_usage_stats
BasicRule wl:1015 "mz:$ARGS_VAR:filter|$URL:/user_usage_stats/PlayActivity";
BasicRule wl:1015 "mz:$ARGS_VAR:filter|$URL:/user_usage_stats/HourlyReport";
BasicRule wl:1015 "mz:$ARGS_VAR:filter|$URL:/user_usage_stats/DurationHistogramReport";
# Artist
BasicRule wl:1000,1015 "mz:$ARGS_VAR:fields|$URL:/Artists";
BasicRule wl:1013,1100 "mz:$ARGS_VAR:searchTerm|$URL:/Artists";
BasicRule wl:1015 "mz:$ARGS_VAR:SortBy|$URL:/Artists";
# Persons
BasicRule wl:1000,1013 "mz:$ARGS_VAR:fields|$URL:/Persons";
BasicRule wl:1015 "mz:$ARGS_VAR:SortBy|$URL:/Persons";
BasicRule wl:1100 "mz:$ARGS_VAR:searchTerm|$URL:/Persons";

10
containers/conf/angie/naxsi_rules/whitelists/whitelists/rutorrent.rules Normal file
View file

@ -0,0 +1,10 @@
BasicRule wl:1005,1010,1011,1315 "mz:$HEADERS_VAR:cookie";
BasicRule wl:1402 "mz:$HEADERS_VAR:content-type";
BasicRule wl:11 "mz:$URL:/rutorrent/php/setsettings.php|BODY";
BasicRule wl:11 "mz:$URL:/rutorrent/php/getsettings.php|BODY";
BasicRule wl:1000,1001,1015,1310,1311 "mz:$BODY_VAR:v";
BasicRule wl:1005,1008 "mz:$BODY_VAR:cookie";
BasicRule wl:1000,1100,1101,1315 "mz:$BODY_VAR:url";
BasicRule wl:1310,1311 "mz:$URL:/rutorrent/php/addtorrent.php|$ARGS_VAR:result[]|NAME";
BasicRule wl:1000,1100,1101 "mz:$ARGS_VAR:name[]";
BasicRule wl:1310,1311 "mz:$URL:/rutorrent/php/addtorrent.php|$ARGS_VAR:name[]|NAME";

26
containers/conf/angie/naxsi_rules/whitelists/whitelists/wordpress-minimal.rules Normal file
View file

@ -0,0 +1,26 @@
######### #########
###### ######
### Because of wordpress.rules is full of wl rules even got double. ###
### Thats why I start from scratch so these rules are in BETA us on own risk. ###
### I us not that many plugins and those I use only after I checked there code. ###
###### ######
######### #########
### HEADERS
BasicRule wl:1001,1315 "mz:$HEADERS_VAR:cookie";
### Theme customize
BasicRule wl:1001,1015,1310,1311 "mz:$URL_X:^/.*$|$BODY_VAR_X:^customized$|BODY";
### Widget customize
BasicRule wl:1001,1015,1310,1311 "mz:$URL_X:^/.*$|$BODY_VAR_X:^partials$|BODY";
### oEmbed API
BasicRule wl:1000,1009,1101 "mz:$URL_X:^/.*wp-json/oembed/1.0/embed|$ARGS_VAR_X:^url$";
BasicRule wl:1009,1101 "mz:$URL_X:^/.*wp-json/oembed/1.0/embed|ARGS";
BasicRule wl:1009,1101 "mz:ARGS";
### Trackbacks
BasicRule wl:1005,1008,1010,1011,1015,1016,1100,1101,1400 "mz:$URL_X:^/.*trackback$/|BODY";
BasicRule wl:1005,1008,1010,1011,1015,1016,1100,1101,1400 "mz:BODY";
BasicRule wl:1008,1010,1011,1015,1016,1100,1101,1400 "mz:$URL_X:^/.*trackback$/|$BODY_VAR_X:^excerpt$";
BasicRule wl:1008,1010,1011,1015,1016,1100,1101,1400 "mz:$BODY_VAR:excerpt";
BasicRule wl:1101 "mz:$URL_X:^/.*trackback$/|$BODY_VAR_X:^url$";
BasicRule wl:1005 "mz:$URL_X:^/.*trackback$/|$BODY_VAR_X:^title$";
BasicRule wl:1101 "mz:$BODY_VAR:url";
BasicRule wl:1005 "mz:$BODY_VAR:title";

152
containers/conf/angie/naxsi_rules/whitelists/whitelists/wordpress.rules Normal file
View file

@ -0,0 +1,152 @@
# WordPress naxsi rules
### HEADERS
BasicRule wl:1000,1001,1005,1007,1010,1011,1013,1100,1101,1200,1308,1309,1310,1311,1315 "mz:$HEADERS_VAR:cookie";
# xmlrpc
BasicRule wl:1402 "mz:$HEADERS_VAR:content-type";
### simple BODY (POST)
BasicRule wl:1001,1009,1015,1016,1101,1310,1311 "mz:$URL:/|$BODY_VAR:customized";
# comments
BasicRule wl:1000,1010,1011,1013,1015,1200,1310,1311 "mz:$BODY_VAR:post_title";
BasicRule wl:1000 "mz:$BODY_VAR:original_publish";
BasicRule wl:1000 "mz:$BODY_VAR:save";
BasicRule wl:1008,1010,1011,1013,1015 "mz:$BODY_VAR:sk2_my_js_payload";
BasicRule wl:1001,1005,1009,1016,1100,1101,1310 "mz:$BODY_VAR:url";
BasicRule wl:1009,1100,1101 "mz:$BODY_VAR:referredby";
BasicRule wl:1009,1100,1101 "mz:$BODY_VAR:_wp_original_http_referer";
BasicRule wl:1000,1001,1005,1007,1008,1009,1010,1011,1013,1015,1016,1100,1101,1200,1302,1303,1310,1311,1315,1400 "mz:$BODY_VAR:comment";
BasicRule wl:1100,1101 "mz:$BODY_VAR:redirect_to";
BasicRule wl:1000,1009,1315 "mz:$BODY_VAR:_wp_http_referer";
BasicRule wl:1000 "mz:$BODY_VAR:action";
BasicRule wl:1001,1013 "mz:$BODY_VAR:blogname";
BasicRule wl:1013,1015 "mz:$BODY_VAR:blogdescription";
BasicRule wl:1015 "mz:$BODY_VAR:date_format_custom";
BasicRule wl:1015 "mz:$BODY_VAR:date_format";
BasicRule wl:1015 "mz:$BODY_VAR:tax_input%5bpost_tag%5d";
BasicRule wl:1015 "mz:$BODY_VAR:tax_input[post_tag]";
BasicRule wl:1100,1101 "mz:$BODY_VAR:siteurl";
BasicRule wl:1100,1101 "mz:$BODY_VAR:home";
BasicRule wl:1000,1015 "mz:$BODY_VAR:submit";
# news content matches pretty much everything
BasicRule wl:0 "mz:$BODY_VAR:content";
BasicRule wl:1000 "mz:$BODY_VAR:delete_option";
BasicRule wl:1000 "mz:$BODY_VAR:prowl-msg-message";
BasicRule wl:1100,1101 "mz:$BODY_VAR:_url";
BasicRule wl:1001,1009 "mz:$BODY_VAR:c2c_text_replace%5btext_to_replace%5d";
BasicRule wl:1200 "mz:$BODY_VAR:ppn_post_note";
BasicRule wl:1100,1101 "mz:$BODY_VAR:author";
BasicRule wl:1001,1015 "mz:$BODY_VAR:excerpt";
BasicRule wl:1015 "mz:$BODY_VAR:catslist";
BasicRule wl:1005,1008,1009,1010,1011,1015,1315 "mz:$BODY_VAR:cookie";
BasicRule wl:1101 "mz:$BODY_VAR:googleplus";
BasicRule wl:1007 "mz:$BODY_VAR:name";
BasicRule wl:1007 "mz:$BODY_VAR:action";
BasicRule wl:1100,1101 "mz:$BODY_VAR:attachment%5burl%5d";
BasicRule wl:1100,1101 "mz:$BODY_VAR:attachment_url";
BasicRule wl:1001,1009,1100,1101,1302,1303,1310,1311 "mz:$BODY_VAR:html";
BasicRule wl:1015 "mz:$BODY_VAR:title";
BasicRule wl:1001,1009,1015 "mz:$BODY_VAR:recaptcha_challenge_field";
BasicRule wl:1011 "mz:$BODY_VAR:pwd";
BasicRule wl:1000 "mz:$BODY_VAR:excerpt";
### BODY|NAME
BasicRule wl:1000 "mz:$BODY_VAR:delete_option|NAME";
BasicRule wl:1000 "mz:$BODY_VAR:from|NAME";
### Simple ARGS (GET)
# WP login screen
BasicRule wl:1100,1101 "mz:$ARGS_VAR:redirect_to";
BasicRule wl:1000,1009 "mz:$ARGS_VAR:_wp_http_referer";
BasicRule wl:1000 "mz:$ARGS_VAR:wp_http_referer";
BasicRule wl:1000 "mz:$ARGS_VAR:action";
BasicRule wl:1000 "mz:$ARGS_VAR:action2";
# load and load[] GET variable
BasicRule wl:1000,1015 "mz:$ARGS_VAR:load";
BasicRule wl:1000,1015 "mz:$ARGS_VAR:load[]";
BasicRule wl:1015 "mz:$ARGS_VAR:q";
BasicRule wl:1000,1015 "mz:$ARGS_VAR:load%5b%5d";
### URL
BasicRule wl:1000 "mz:URL|$URL:/wp-admin/update-core.php";
BasicRule wl:1000 "mz:URL|$URL:/wp-admin/update.php";
BasicRule wl:1000 "mz:$URL:/wp-includes/js/imgareaselect/imgareaselect.css|URL";
BasicRule wl:1002 "mz:$URL_X:/wp-content/uploads/[0-9]{4}/[0-9]{2}/[^/]+\.jpg$|URL";
# URL|ARGS
BasicRule wl:1015 "mz:$URL:/wp-admin/load-styles.php|$ARGS_VAR:dashicons,admin-bar,wp-admin,buttons,wp-auth-check";
BasicRule wl:1000 "mz:$URL:/wp-admin/about.php|$ARGS_VAR:updated";
BasicRule wl:1009 "mz:$URL:/wp-admin/customize.php|$ARGS_VAR:return";
# URL|BODY
BasicRule wl:1009,1100,1101 "mz:$URL:/wp-admin/post.php|$BODY_VAR:_wp_http_referer";
BasicRule wl:1016 "mz:$URL:/wp-admin/post.php|$BODY_VAR:metakeyselect";
BasicRule wl:11 "mz:$URL:/xmlrpc.php|BODY";
BasicRule wl:11,16 "mz:$URL:/wp-cron.php|BODY";
BasicRule wl:2 "mz:$URL:/wp-admin/async-upload.php|BODY";
# URL|BODY|NAME
BasicRule wl:1100,1101 "mz:$URL:/wp-admin/post.php|$BODY_VAR:_wp_original_http_referer|NAME";
BasicRule wl:1000 "mz:$URL:/wp-admin/post.php|$BODY_VAR:metakeyselect|NAME";
BasicRule wl:1000 "mz:$URL:/wp-admin/user-edit.php|$BODY_VAR:from|NAME";
BasicRule wl:1100,1101 "mz:$URL:/wp-admin/admin-ajax.php|$BODY_VAR:attachment%5burl%5d|NAME";
BasicRule wl:1100,1101 "mz:$URL:/wp-admin/post.php|$BODY_VAR:attachment_url|NAME";
BasicRule wl:1000 "mz:$URL:/wp-admin/plugins.php|$BODY_VAR:verify-delete|NAME";
BasicRule wl:1310,1311 "mz:$URL:/wp-admin/post.php|$BODY_VAR:post_category[]|NAME";
BasicRule wl:1311 "mz:$URL:/wp-admin/post.php|$BODY_VAR:post_category|NAME";
BasicRule wl:1310,1311 "mz:$URL:/wp-admin/post.php|$BODY_VAR:tax_input[post_tag]|NAME";
BasicRule wl:1310,1311 "mz:$URL:/wp-admin/post.php|$BODY_VAR:newtag[post_tag]|NAME";
BasicRule wl:1310,1311 "mz:$URL:/wp-admin/users.php|$BODY_VAR:users[]|NAME";
BasicRule wl:1000 "mz:$URL:/wp-admin/update-core.php|$BODY_VAR:Update%2BTranslations|NAME";
BasicRule wl:1000 "mz:$URL:/wp-admin/update-core.php|$BODY_VAR:Update%2BNow|NAME";
# URL|ARGS|NAME
BasicRule wl:1310,1311 "mz:$URL:/wp-admin/load-scripts.php|$ARGS_VAR:load[]|NAME";
BasicRule wl:1000 "mz:$URL:/wp-admin/users.php|$ARGS_VAR:delete_count|NAME";
BasicRule wl:1000 "mz:$URL:/wp-admin/users.php|$ARGS_VAR:update|NAME";
BasicRule wl:1310,1311 "mz:$URL:/wp-admin/customize.php|$ARGS_VAR:autofocus[control]|NAME";
# plain WP site
BasicRule wl:1000 "mz:URL|$URL:/wp-admin/update-core.php";
BasicRule wl:1000 "mz:URL|$URL:/wp-admin/update.php";
# URL|BODY
BasicRule wl:1009,1100,1101 "mz:$URL:/wp-admin/post.php|$BODY_VAR:_wp_http_referer";
BasicRule wl:1016 "mz:$URL:/wp-admin/post.php|$BODY_VAR:metakeyselect";
BasicRule wl:11 "mz:$URL:/xmlrpc.php|BODY";
BasicRule wl:11,16 "mz:$URL:/wp-cron.php|BODY";
# URL|BODY|NAME
BasicRule wl:1100,1101 "mz:$URL:/wp-admin/post.php|$BODY_VAR:_wp_original_http_referer|NAME";
BasicRule wl:1000 "mz:$URL:/wp-admin/post.php|$BODY_VAR:metakeyselect|NAME";
BasicRule wl:1000 "mz:$URL:/wp-admin/user-edit.php|$BODY_VAR:from|NAME";
BasicRule wl:1100,1101 "mz:$URL:/wp-admin/admin-ajax.php|$BODY_VAR:attachment%5burl%5d|NAME";
BasicRule wl:1310,1311 "mz:$URL:/wp-admin/admin-ajax.php|$BODY_VAR:data[wp-auth-check]|NAME";
BasicRule wl:1310,1311 "mz:$URL:/wp-admin/admin-ajax.php|$BODY_VAR:data[wp-check-locked-posts][]|NAME";
BasicRule wl:1310,1311 "mz:$URL:/wp-admin/admin-ajax.php|$BODY_VAR:data[wp-refresh-post-lock][post_id]|NAME";
BasicRule wl:1310,1311 "mz:$URL:/wp-admin/admin-ajax.php|$BODY_VAR:data[wp-refresh-post-lock][lock]|NAME";
BasicRule wl:1310,1311 "mz:$URL:/wp-admin/update-core.php|$BODY_VAR:checked[]|NAME";
# URL|ARGS|NAME
BasicRule wl:1310,1311 "mz:$URL:/wp-admin/load-scripts.php|$ARGS_VAR:load[]|NAME";
BasicRule wl:1000 "mz:$URL:/wp-admin/users.php|$ARGS_VAR:delete_count|NAME";
BasicRule wl:1000 "mz:$URL:/wp-admin/users.php|$ARGS_VAR:update|NAME";
### Plugins
#WP Minify
BasicRule wl:1015 "mz:$URL:/wp-content/plugins/bwp-minify/min/|$ARGS_VAR:f";
#Jetpack Infinite Scroll
BasicRule wl:1310,1311 "mz:$BODY_VAR:scripts[]|NAME";
BasicRule wl:1310,1311 "mz:$BODY_VAR:styles[]|NAME";
BasicRule wl:1310,1311 "mz:$BODY_VAR_X:^query_args\[.*\]|NAME";
BasicRule wl:1000 "mz:$BODY_VAR:query_args[update_post_term_cache]|NAME";
BasicRule wl:1000 "mz:$BODY_VAR:query_args[update_post_meta_cache]|NAME";
#UpdraftPlus
BasicRule wl:1000 "mz:$URL:/wp-content/plugins/updraftplus/includes/select2/select2.min.css|URL";
BasicRule wl:1000 "mz:$URL:/wp-content/plugins/updraftplus/includes/select2/select2.min.js|URL";
#WP plugin updates
BasicRule wl:1315 "mz:$ARGS_VAR:query|$URL:/wp-json/jetpack/v4/jitm";
#Jetpack Google Fonts
BasicRule wl:1001 "mz:$URL_X:^/wp-content/plugins/jetpack/css/.*|URL";
#WooCommerce
BasicRule wl:1000 "mz:$URL:/wp-content/plugins/woocommerce/assets/js/select2/select2.full.min.js|URL";
BasicRule wl:1000 "mz:$URL:/wp-content/plugins/woocommerce/assets/js/selectWoo/selectWoo.full.min.js|URL";
BasicRule wl:1000 "mz:$URL:/wp-content/plugins/woocommerce/assets/js/stupidtable/stupidtable.min.js|URL";
#WPML
BasicRule wl:1000 "mz:$URL:/wp-content/plugins/sitepress-multilingual-cms/lib/select2/select2.min.js|URL";
#Yoast SEO
BasicRule wl:1000 "mz:$URL:/wp-content/plugins/wordpress-seo/js/dist/select2/select2.full.min.js|URL";
BasicRule wl:1000 "mz:$URL:/wp-content/plugins/wordpress-seo/css/dist/select2/select2.min.css|URL";

8
containers/conf/angie/naxsi_rules/whitelists/whitelists/zerobin.rules Normal file
View file

@ -0,0 +1,8 @@
# Zerobin is here in directory /paste if diffrent change $URL:/paste/ below
BasicRule wl:1015 "mz:$URL:/paste/|$BODY_VAR:data";
BasicRule wl:1315 "mz:$URL:/paste/|$HEADERS_VAR:cookie";
BasicRule wl:1001 "mz:$URL:/paste/|$BODY_VAR:data";
BasicRule wl:1009 "mz:$URL:/paste/|$BODY_VAR:data";
BasicRule wl:1009 "mz:$URL:/paste/|$BODY_VAR:nickname";
BasicRule wl:1001 "mz:$URL:/paste/|$BODY_VAR:nickname";
BasicRule wl:1015 "mz:$URL:/paste/|$BODY_VAR:nickname";

26
containers/conf/angie/naxsi_rules/whitelists/wordpress-minimal.rules Normal file
View file

@ -0,0 +1,26 @@
######### #########
###### ######
### Because of wordpress.rules is full of wl rules even got double. ###
### Thats why I start from scratch so these rules are in BETA us on own risk. ###
### I us not that many plugins and those I use only after I checked there code. ###
###### ######
######### #########
### HEADERS
BasicRule wl:1001,1315 "mz:$HEADERS_VAR:cookie";
### Theme customize
BasicRule wl:1001,1015,1310,1311 "mz:$URL_X:^/.*$|$BODY_VAR_X:^customized$|BODY";
### Widget customize
BasicRule wl:1001,1015,1310,1311 "mz:$URL_X:^/.*$|$BODY_VAR_X:^partials$|BODY";
### oEmbed API
BasicRule wl:1000,1009,1101 "mz:$URL_X:^/.*wp-json/oembed/1.0/embed|$ARGS_VAR_X:^url$";
BasicRule wl:1009,1101 "mz:$URL_X:^/.*wp-json/oembed/1.0/embed|ARGS";
BasicRule wl:1009,1101 "mz:ARGS";
### Trackbacks
BasicRule wl:1005,1008,1010,1011,1015,1016,1100,1101,1400 "mz:$URL_X:^/.*trackback$/|BODY";
BasicRule wl:1005,1008,1010,1011,1015,1016,1100,1101,1400 "mz:BODY";
BasicRule wl:1008,1010,1011,1015,1016,1100,1101,1400 "mz:$URL_X:^/.*trackback$/|$BODY_VAR_X:^excerpt$";
BasicRule wl:1008,1010,1011,1015,1016,1100,1101,1400 "mz:$BODY_VAR:excerpt";
BasicRule wl:1101 "mz:$URL_X:^/.*trackback$/|$BODY_VAR_X:^url$";
BasicRule wl:1005 "mz:$URL_X:^/.*trackback$/|$BODY_VAR_X:^title$";
BasicRule wl:1101 "mz:$BODY_VAR:url";
BasicRule wl:1005 "mz:$BODY_VAR:title";

152
containers/conf/angie/naxsi_rules/whitelists/wordpress.rules Normal file
View file

@ -0,0 +1,152 @@
# WordPress naxsi rules
### HEADERS
BasicRule wl:1000,1001,1005,1007,1010,1011,1013,1100,1101,1200,1308,1309,1310,1311,1315 "mz:$HEADERS_VAR:cookie";
# xmlrpc
BasicRule wl:1402 "mz:$HEADERS_VAR:content-type";
### simple BODY (POST)
BasicRule wl:1001,1009,1015,1016,1101,1310,1311 "mz:$URL:/|$BODY_VAR:customized";
# comments
BasicRule wl:1000,1010,1011,1013,1015,1200,1310,1311 "mz:$BODY_VAR:post_title";
BasicRule wl:1000 "mz:$BODY_VAR:original_publish";
BasicRule wl:1000 "mz:$BODY_VAR:save";
BasicRule wl:1008,1010,1011,1013,1015 "mz:$BODY_VAR:sk2_my_js_payload";
BasicRule wl:1001,1005,1009,1016,1100,1101,1310 "mz:$BODY_VAR:url";
BasicRule wl:1009,1100,1101 "mz:$BODY_VAR:referredby";
BasicRule wl:1009,1100,1101 "mz:$BODY_VAR:_wp_original_http_referer";
BasicRule wl:1000,1001,1005,1007,1008,1009,1010,1011,1013,1015,1016,1100,1101,1200,1302,1303,1310,1311,1315,1400 "mz:$BODY_VAR:comment";
BasicRule wl:1100,1101 "mz:$BODY_VAR:redirect_to";
BasicRule wl:1000,1009,1315 "mz:$BODY_VAR:_wp_http_referer";
BasicRule wl:1000 "mz:$BODY_VAR:action";
BasicRule wl:1001,1013 "mz:$BODY_VAR:blogname";
BasicRule wl:1013,1015 "mz:$BODY_VAR:blogdescription";
BasicRule wl:1015 "mz:$BODY_VAR:date_format_custom";
BasicRule wl:1015 "mz:$BODY_VAR:date_format";
BasicRule wl:1015 "mz:$BODY_VAR:tax_input%5bpost_tag%5d";
BasicRule wl:1015 "mz:$BODY_VAR:tax_input[post_tag]";
BasicRule wl:1100,1101 "mz:$BODY_VAR:siteurl";
BasicRule wl:1100,1101 "mz:$BODY_VAR:home";
BasicRule wl:1000,1015 "mz:$BODY_VAR:submit";
# news content matches pretty much everything
BasicRule wl:0 "mz:$BODY_VAR:content";
BasicRule wl:1000 "mz:$BODY_VAR:delete_option";
BasicRule wl:1000 "mz:$BODY_VAR:prowl-msg-message";
BasicRule wl:1100,1101 "mz:$BODY_VAR:_url";
BasicRule wl:1001,1009 "mz:$BODY_VAR:c2c_text_replace%5btext_to_replace%5d";
BasicRule wl:1200 "mz:$BODY_VAR:ppn_post_note";
BasicRule wl:1100,1101 "mz:$BODY_VAR:author";
BasicRule wl:1001,1015 "mz:$BODY_VAR:excerpt";
BasicRule wl:1015 "mz:$BODY_VAR:catslist";
BasicRule wl:1005,1008,1009,1010,1011,1015,1315 "mz:$BODY_VAR:cookie";
BasicRule wl:1101 "mz:$BODY_VAR:googleplus";
BasicRule wl:1007 "mz:$BODY_VAR:name";
BasicRule wl:1007 "mz:$BODY_VAR:action";
BasicRule wl:1100,1101 "mz:$BODY_VAR:attachment%5burl%5d";
BasicRule wl:1100,1101 "mz:$BODY_VAR:attachment_url";
BasicRule wl:1001,1009,1100,1101,1302,1303,1310,1311 "mz:$BODY_VAR:html";
BasicRule wl:1015 "mz:$BODY_VAR:title";
BasicRule wl:1001,1009,1015 "mz:$BODY_VAR:recaptcha_challenge_field";
BasicRule wl:1011 "mz:$BODY_VAR:pwd";
BasicRule wl:1000 "mz:$BODY_VAR:excerpt";
### BODY|NAME
BasicRule wl:1000 "mz:$BODY_VAR:delete_option|NAME";
BasicRule wl:1000 "mz:$BODY_VAR:from|NAME";
### Simple ARGS (GET)
# WP login screen
BasicRule wl:1100,1101 "mz:$ARGS_VAR:redirect_to";
BasicRule wl:1000,1009 "mz:$ARGS_VAR:_wp_http_referer";
BasicRule wl:1000 "mz:$ARGS_VAR:wp_http_referer";
BasicRule wl:1000 "mz:$ARGS_VAR:action";
BasicRule wl:1000 "mz:$ARGS_VAR:action2";
# load and load[] GET variable
BasicRule wl:1000,1015 "mz:$ARGS_VAR:load";
BasicRule wl:1000,1015 "mz:$ARGS_VAR:load[]";
BasicRule wl:1015 "mz:$ARGS_VAR:q";
BasicRule wl:1000,1015 "mz:$ARGS_VAR:load%5b%5d";
### URL
BasicRule wl:1000 "mz:URL|$URL:/wp-admin/update-core.php";
BasicRule wl:1000 "mz:URL|$URL:/wp-admin/update.php";
BasicRule wl:1000 "mz:$URL:/wp-includes/js/imgareaselect/imgareaselect.css|URL";
BasicRule wl:1002 "mz:$URL_X:/wp-content/uploads/[0-9]{4}/[0-9]{2}/[^/]+\.jpg$|URL";
# URL|ARGS
BasicRule wl:1015 "mz:$URL:/wp-admin/load-styles.php|$ARGS_VAR:dashicons,admin-bar,wp-admin,buttons,wp-auth-check";
BasicRule wl:1000 "mz:$URL:/wp-admin/about.php|$ARGS_VAR:updated";
BasicRule wl:1009 "mz:$URL:/wp-admin/customize.php|$ARGS_VAR:return";
# URL|BODY
BasicRule wl:1009,1100,1101 "mz:$URL:/wp-admin/post.php|$BODY_VAR:_wp_http_referer";
BasicRule wl:1016 "mz:$URL:/wp-admin/post.php|$BODY_VAR:metakeyselect";
BasicRule wl:11 "mz:$URL:/xmlrpc.php|BODY";
BasicRule wl:11,16 "mz:$URL:/wp-cron.php|BODY";
BasicRule wl:2 "mz:$URL:/wp-admin/async-upload.php|BODY";
# URL|BODY|NAME
BasicRule wl:1100,1101 "mz:$URL:/wp-admin/post.php|$BODY_VAR:_wp_original_http_referer|NAME";
BasicRule wl:1000 "mz:$URL:/wp-admin/post.php|$BODY_VAR:metakeyselect|NAME";
BasicRule wl:1000 "mz:$URL:/wp-admin/user-edit.php|$BODY_VAR:from|NAME";
BasicRule wl:1100,1101 "mz:$URL:/wp-admin/admin-ajax.php|$BODY_VAR:attachment%5burl%5d|NAME";
BasicRule wl:1100,1101 "mz:$URL:/wp-admin/post.php|$BODY_VAR:attachment_url|NAME";
BasicRule wl:1000 "mz:$URL:/wp-admin/plugins.php|$BODY_VAR:verify-delete|NAME";
BasicRule wl:1310,1311 "mz:$URL:/wp-admin/post.php|$BODY_VAR:post_category[]|NAME";
BasicRule wl:1311 "mz:$URL:/wp-admin/post.php|$BODY_VAR:post_category|NAME";
BasicRule wl:1310,1311 "mz:$URL:/wp-admin/post.php|$BODY_VAR:tax_input[post_tag]|NAME";
BasicRule wl:1310,1311 "mz:$URL:/wp-admin/post.php|$BODY_VAR:newtag[post_tag]|NAME";
BasicRule wl:1310,1311 "mz:$URL:/wp-admin/users.php|$BODY_VAR:users[]|NAME";
BasicRule wl:1000 "mz:$URL:/wp-admin/update-core.php|$BODY_VAR:Update%2BTranslations|NAME";
BasicRule wl:1000 "mz:$URL:/wp-admin/update-core.php|$BODY_VAR:Update%2BNow|NAME";
# URL|ARGS|NAME
BasicRule wl:1310,1311 "mz:$URL:/wp-admin/load-scripts.php|$ARGS_VAR:load[]|NAME";
BasicRule wl:1000 "mz:$URL:/wp-admin/users.php|$ARGS_VAR:delete_count|NAME";
BasicRule wl:1000 "mz:$URL:/wp-admin/users.php|$ARGS_VAR:update|NAME";
BasicRule wl:1310,1311 "mz:$URL:/wp-admin/customize.php|$ARGS_VAR:autofocus[control]|NAME";
# plain WP site
BasicRule wl:1000 "mz:URL|$URL:/wp-admin/update-core.php";
BasicRule wl:1000 "mz:URL|$URL:/wp-admin/update.php";
# URL|BODY
BasicRule wl:1009,1100,1101 "mz:$URL:/wp-admin/post.php|$BODY_VAR:_wp_http_referer";
BasicRule wl:1016 "mz:$URL:/wp-admin/post.php|$BODY_VAR:metakeyselect";
BasicRule wl:11 "mz:$URL:/xmlrpc.php|BODY";
BasicRule wl:11,16 "mz:$URL:/wp-cron.php|BODY";
# URL|BODY|NAME
BasicRule wl:1100,1101 "mz:$URL:/wp-admin/post.php|$BODY_VAR:_wp_original_http_referer|NAME";
BasicRule wl:1000 "mz:$URL:/wp-admin/post.php|$BODY_VAR:metakeyselect|NAME";
BasicRule wl:1000 "mz:$URL:/wp-admin/user-edit.php|$BODY_VAR:from|NAME";
BasicRule wl:1100,1101 "mz:$URL:/wp-admin/admin-ajax.php|$BODY_VAR:attachment%5burl%5d|NAME";
BasicRule wl:1310,1311 "mz:$URL:/wp-admin/admin-ajax.php|$BODY_VAR:data[wp-auth-check]|NAME";
BasicRule wl:1310,1311 "mz:$URL:/wp-admin/admin-ajax.php|$BODY_VAR:data[wp-check-locked-posts][]|NAME";
BasicRule wl:1310,1311 "mz:$URL:/wp-admin/admin-ajax.php|$BODY_VAR:data[wp-refresh-post-lock][post_id]|NAME";
BasicRule wl:1310,1311 "mz:$URL:/wp-admin/admin-ajax.php|$BODY_VAR:data[wp-refresh-post-lock][lock]|NAME";
BasicRule wl:1310,1311 "mz:$URL:/wp-admin/update-core.php|$BODY_VAR:checked[]|NAME";
# URL|ARGS|NAME
BasicRule wl:1310,1311 "mz:$URL:/wp-admin/load-scripts.php|$ARGS_VAR:load[]|NAME";
BasicRule wl:1000 "mz:$URL:/wp-admin/users.php|$ARGS_VAR:delete_count|NAME";
BasicRule wl:1000 "mz:$URL:/wp-admin/users.php|$ARGS_VAR:update|NAME";
### Plugins
#WP Minify
BasicRule wl:1015 "mz:$URL:/wp-content/plugins/bwp-minify/min/|$ARGS_VAR:f";
#Jetpack Infinite Scroll
BasicRule wl:1310,1311 "mz:$BODY_VAR:scripts[]|NAME";
BasicRule wl:1310,1311 "mz:$BODY_VAR:styles[]|NAME";
BasicRule wl:1310,1311 "mz:$BODY_VAR_X:^query_args\[.*\]|NAME";
BasicRule wl:1000 "mz:$BODY_VAR:query_args[update_post_term_cache]|NAME";
BasicRule wl:1000 "mz:$BODY_VAR:query_args[update_post_meta_cache]|NAME";
#UpdraftPlus
BasicRule wl:1000 "mz:$URL:/wp-content/plugins/updraftplus/includes/select2/select2.min.css|URL";
BasicRule wl:1000 "mz:$URL:/wp-content/plugins/updraftplus/includes/select2/select2.min.js|URL";
#WP plugin updates
BasicRule wl:1315 "mz:$ARGS_VAR:query|$URL:/wp-json/jetpack/v4/jitm";
#Jetpack Google Fonts
BasicRule wl:1001 "mz:$URL_X:^/wp-content/plugins/jetpack/css/.*|URL";
#WooCommerce
BasicRule wl:1000 "mz:$URL:/wp-content/plugins/woocommerce/assets/js/select2/select2.full.min.js|URL";
BasicRule wl:1000 "mz:$URL:/wp-content/plugins/woocommerce/assets/js/selectWoo/selectWoo.full.min.js|URL";
BasicRule wl:1000 "mz:$URL:/wp-content/plugins/woocommerce/assets/js/stupidtable/stupidtable.min.js|URL";
#WPML
BasicRule wl:1000 "mz:$URL:/wp-content/plugins/sitepress-multilingual-cms/lib/select2/select2.min.js|URL";
#Yoast SEO
BasicRule wl:1000 "mz:$URL:/wp-content/plugins/wordpress-seo/js/dist/select2/select2.full.min.js|URL";
BasicRule wl:1000 "mz:$URL:/wp-content/plugins/wordpress-seo/css/dist/select2/select2.min.css|URL";

8
containers/conf/angie/naxsi_rules/whitelists/zerobin.rules Normal file
View file

@ -0,0 +1,8 @@
# Zerobin is here in directory /paste if diffrent change $URL:/paste/ below
BasicRule wl:1015 "mz:$URL:/paste/|$BODY_VAR:data";
BasicRule wl:1315 "mz:$URL:/paste/|$HEADERS_VAR:cookie";
BasicRule wl:1001 "mz:$URL:/paste/|$BODY_VAR:data";
BasicRule wl:1009 "mz:$URL:/paste/|$BODY_VAR:data";
BasicRule wl:1009 "mz:$URL:/paste/|$BODY_VAR:nickname";
BasicRule wl:1001 "mz:$URL:/paste/|$BODY_VAR:nickname";
BasicRule wl:1015 "mz:$URL:/paste/|$BODY_VAR:nickname";

20
containers/conf/angie/sites-available/default Normal file
View file

@ -0,0 +1,20 @@
server {
listen 80 default_server backlog=2048 reuseport fastopen=256;
listen [::]:80 default_server backlog=2048 reuseport fastopen=256;
# redirect all http traffic to https
#return 301 https://$host$request_uri;
# Reject everything on your default IP
location / { return 444; }
}
server {
listen 443 ssl reuseport fastopen=256 backlog=2048;
listen [::]:443 ssl reuseport fastopen=256 backlog=2048;
# Reject everything on your default IP
location / { return 444; }
ssl_reject_handshake on;
}

91
containers/conf/angie/sites-available/example Normal file
View file

@ -0,0 +1,91 @@
##
# You should look at the following URL's in order to grasp a solid understanding
# of angie configuration files in order to fully unleash the power of angie.
# https://www.angie.com/resources/wiki/start/
# https://www.angie.com/resources/wiki/start/topics/tutorials/config_pitfalls/
# https://wiki.debian.org/angie/DirectoryStructure
#
# In most cases, administrators will remove this file from sites-enabled/ and
# leave it as reference inside of sites-available where it will continue to be
# updated by the angie packaging team.
#
# This file will automatically load configuration files provided by other
# applications, such as Drupal or Wordpress. These applications will be made
# available underneath a path with that package name, such as /drupal8.
#
# Please see /usr/share/doc/angie-doc/examples/ for more detailed examples.
##
# Default server configuration
#
server {
listen 80 default_server;
listen [::]:80 default_server;
# SSL configuration
#
# listen 443 ssl default_server;
# listen [::]:443 ssl default_server;
#
# Note: You should disable gzip for SSL traffic.
# See: https://bugs.debian.org/773332
#
# Read up on ssl_ciphers to ensure a secure configuration.
# See: https://bugs.debian.org/765782
#
# Self signed certs generated by the ssl-cert package
# Don't use them in a production server!
#
# include snippets/snakeoil.conf;
root /var/www/html;
# Add index.php to the list if you are using PHP
index index.html index.htm index.angie-debian.html;
server_name _;
location / {
# First attempt to serve request as file, then
# as directory, then fall back to displaying a 404.
try_files $uri $uri/ =404;
}
# pass PHP scripts to FastCGI server
#
#location ~ \.php$ {
# include snippets/fastcgi-php.conf;
#
# # With php-fpm (or other unix sockets):
# fastcgi_pass unix:/var/run/php/php7.0-fpm.sock;
# # With php-cgi (or other tcp sockets):
# fastcgi_pass 127.0.0.1:9000;
#}
# deny access to .htaccess files, if Apache's document root
# concurs with angie's one
#
#location ~ /\.ht {
# deny all;
#}
}
# Virtual Host configuration for example.com
#
# You can move that to a different file under sites-available/ and symlink that
# to sites-enabled/ to enable it.
#
#server {
# listen 80;
# listen [::]:80;
#
# server_name example.com;
#
# root /var/www/example.com;
# index index.html;
#
# location / {
# try_files $uri $uri/ =404;
# }
#}

30
containers/conf/php.ini
View file

@ -1,15 +1,15 @@
allow_url_fopen = 0
allow_url_include = 0
cgi.fix_pathinfo = 0
display_errors = 0
display_startup_errors = 0
expose_php = 0
file_uploads = On
max_execution_time = 600
max_input_time = 600
max_input_vars = 2000
memory_limit = 1024M
post_max_size = 32M
register_globals = Off
upload_max_filesize = 32M
open_basedir = "/"
allow_url_fopen=0
allow_url_include=0
cgi.fix_pathinfo=0
display_errors=0
display_startup_errors=0
expose_php=0
file_uploads=On
max_execution_time=600
max_input_time=600
max_input_vars=2000
memory_limit=1024M
open_basedir="/"
post_max_size=32M
register_globals=Off
upload_max_filesize=32M

16776
db/haiku_atelier-2026-04-01-5410760.sql Normal file
View file

File diff suppressed because one or more lines are too long

11
docs/lol/cute.ts
View file

@ -1,12 +1,5 @@
const etapes = [
"┌(・ω・)┘",
"└(・ω・)┐",
"┌(;・ω・)┘",
"└(;・ω・)┐",
"┌(;・ω・;)┘",
"└(;・ω・;)┐",
];
const assigneTexte = (texte: string): void => ELEMENTS.BOUTON_CODE_PROMO.textContent = texte;
const etapes = ["┌(・ω・)┘", "└(・ω・)┐", "┌(;・ω・)┘", "└(;・ω・)┐", "┌(;・ω・;)┘", "└(;・ω・;)┐"];
const assigneTexte = (texte: string): void => (ELEMENTS.BOUTON_CODE_PROMO.textContent = texte);
let index = 0;
const z = {};
const callback = () => {

122
dprint.json
View file

@ -1,122 +0,0 @@
{
"excludes": [
"**/node_modules",
"**/pnpm-lock.yaml",
"./lib/",
"web/app/languages",
"web/app/plugins",
"web/app/themes/haiku-atelier-2024/assets",
"web/vendor"
],
"exec": {
"cacheKey": "1",
"commands": [
{ "command": "prettier --ignore-unknown --write --stdin-filepath {{file_path}}", "exts": ["xml"] },
{ "command": "just --dump", "fileNames": ["justfile"], "stdin": true }
],
"cwd": "${originConfigDir}",
"indentWidth": 2,
"lineWidth": 120,
"timeout": 30,
"useTabs": false
},
"indentWidth": 2,
"json": {
"commentLine.forceSpaceAfterSlashes": true,
"indentWidth": 2,
"jsonTrailingCommaFiles": [".swcrc", "biome.jsonc", "settings.json", "tsconfig.json"],
"lineWidth": 120,
"newLineKind": "lf",
"preferSingleLine": true,
"trailingCommas": "never",
"useTabs": false
},
"lineWidth": 120,
"malva": {
"alignComments": true,
"attrValueQuotes": "always",
"blockSelectorLinebreak": "wrap",
"declarationOrder": null,
"formatComments": true,
"hexCase": "lower",
"hexColorLength": "short",
"indentWidth": 2,
"keyframeSelectorNotation": "keyword",
"lineBreak": "lf",
"linebreakInPseudoParens": true,
"omitNumberLeadingZero": false,
"operatorLinebreak": "before",
"preferSingleLine": true,
"printWidth": 100,
"quotes": "alwaysDouble",
"singleLineBlockThreshold": null,
"singleLineTopLevelDeclarations": false,
"trailingComma": false,
"useTabs": false
},
"markup": {
"closingBracketSameLine": false,
"closingTagLineBreakForEmpty": "never",
"component.selfClosing": false,
"doctypeKeywordCase": "lower",
"formatComments": true,
"html.normal.selfClosing": false,
"html.void.selfClosing": false,
"indentWidth": 2,
"lineBreak": "lf",
"maxAttrsPerLine": 1,
"printWidth": 120,
"quotes": "double",
"scriptFormatter": "dprint",
"scriptIndent": true,
"styleIndent": true,
"svg.selfClosing": true,
"useTabs": false,
"whitespaceSensitivity": "strict"
},
"newLineKind": "lf",
"plugins": [
"https://plugins.dprint.dev/typescript-0.95.15.wasm",
"https://plugins.dprint.dev/json-0.21.1.wasm",
"https://plugins.dprint.dev/markdown-0.21.1.wasm",
"https://plugins.dprint.dev/toml-0.7.0.wasm",
"https://plugins.dprint.dev/g-plane/malva-v0.15.2.wasm",
"https://plugins.dprint.dev/g-plane/markup_fmt-v0.26.0.wasm",
"https://plugins.dprint.dev/g-plane/pretty_yaml-v0.6.0.wasm",
"https://plugins.dprint.dev/exec-0.6.0.json@a054130d458f124f9b5c91484833828950723a5af3f8ff2bd1523bd47b83b364"
],
"toml": {
"cargo.applyConventions": true,
"comment.forceLeadingSpace": true,
"indentWidth": 2,
"lineWidth": 120,
"newLineKind": "lf",
"useTabs": false
},
"typescript": {
"arrowFunction.useParentheses": "preferNone",
"conditionalExpression.operatorPosition": "nextLine",
"conditionalExpression.preferSingleLine": true,
"exportDeclaration.sortNamedExports": "maintain",
"importDeclaration.sortNamedImports": "maintain",
"module.sortExportDeclarations": "maintain",
"module.sortImportDeclarations": "maintain",
"quoteProps": "asNeeded",
"trailingCommas": "onlyMultiLine",
"useBraces": "whenNotSingleLine"
},
"yaml": {
"braceSpacing": true,
"bracketSpacing": false,
"formatComments": true,
"indentBlockSequenceInMap": true,
"indentWidth": 2,
"lineBreak": "lf",
"preferSingleLine": false,
"printWidth": 120,
"quotes": "preferDouble",
"trailingComma": true,
"trimTrailingWhitespaces": true,
"trimTrailingZero": false
}
}

21
justfile
View file

@ -1,8 +1,4 @@
set shell := ["fish", "-c"]
set unstable := true
cacheFolder := ".cache"
prettierCacheFile := "prettiercache"
# Recette par défaut.
default: dev
@ -22,19 +18,17 @@ update:
[group('qualité')]
format:
bun prettier \
--cache \
--cache-location "{{ cacheFolder }}/{{ prettierCacheFile }}" \
--cache --cache-location ".cache/prettiercache" \
--config "cfg/prettier.config.ts" \
--ignore-path "cfg/prettierignore" \
--ignore-unknown \
--parallel-workers 8 \
--write \
.
dprint fmt
--write .
# TwigCsFixher
-vendor/bin/twig-cs-fixer fix web/app/themes/haiku-atelier-2024/
# Mago
mago fmt
# PhpCsFixer
-vendor/bin/php-cs-fixer fix --allow-risky yes
dprint --config "~/.config/dprint/dprint.jsonc" fmt
fish scripts/format-sort-files.fish
# Compile, minifie et optimise Sass vers CSS.
@ -87,7 +81,7 @@ watch-css:
# Compile TypeScript en JavaScript.
[group('js')]
build-js:
@bun vite build
@bun --bun vite build --config "cfg/vite.config.ts"
# Compile tout.
[group('css')]
@ -107,14 +101,13 @@ watch-js:
[group('qualité')]
lint-js:
-bun eslint "web/app/themes/haiku-atelier-2024/src/scripts"
-bun biome check --reporter=summary "web/app/themes/haiku-atelier-2024/src/scripts"
-bun oxlint "web/app/themes/haiku-atelier-2024/src/scripts"
# Vérifie le code Sass avec Stylelint.
[group('css')]
[group('qualité')]
lint-css:
-bun stylelint "web/app/themes/haiku-atelier-2024/src/sass/" --fix
-bun stylelint --config "cfg/stylelint.config.ts" "web/app/themes/haiku-atelier-2024/src/sass/" --fix
# Vérifie le code TypeScript mort avec knip
[group('js')]

118428
lib/openapi3_1.json
View file

File diff suppressed because it is too large Load diff

118428
lib/wp-json-openapi.json
View file

File diff suppressed because it is too large Load diff

164706
lib/wp-json-schema.json
View file

File diff suppressed because it is too large Load diff

76
mago.toml
View file

@ -8,82 +8,6 @@ threads = 8
includes = ["config", "vendor", "web/app/plugins", "web/vendor", "web/wp"]
paths = ["web/app/themes/haiku-atelier-2024"]
[formatter]
# Brace style for classes, traits, etc.
classlike-brace-style = "same_line"
# Brace style for closures.
closure-brace-style = "same_line"
# Brace style for control structures.
control-brace-style = "same_line"
# Brace style for functions.
function-brace-style = "same_line"
# Brace style for methods.
method-brace-style = "same_line"
# Maximum line length that the printer will wrap on.
print-width = 120
# Remove the trailing PHP close tag (?>) from files.
remove-trailing-close-tag = true
# Prefer single quotes over double quotes for strings.
single-quote = true
# Number of spaces per indentation level.
tab-width = 4
# Add a trailing comma to multi-line arrays, parameter lists, etc.
trailing-comma = true
# Use tabs instead of spaces for indentation.
use-tabs = false
# Place empty control structure bodies on the same line.
inline-empty-control-braces = true
# Place empty function bodies on the same line.
inline-empty-function-braces = true
# Place empty constructor bodies on the same line.
inline-empty-constructor-braces = true
# Place empty method bodies on the same line.
inline-empty-method-braces = true
# Place empty anonymous class bodies on the same line.
inline-empty-anonymous-class-braces = true
# How to break method chains.
method-chain-breaking-style = "next_line"
# Preserve existing line breaks in method chains.
preserve-breaking-member-access-chain = false
# Preserve existing line breaks in argument lists.
preserve-breaking-argument-list = false
# Preserve existing line breaks in array-like structures.
preserve-breaking-array-like = false
# Preserve existing line breaks in parameter lists.
preserve-breaking-parameter-list = false
# Preserve existing line breaks in attribute lists.
preserve-breaking-attribute-list = false
# Preserve existing line breaks in ternary expressions.
preserve-breaking-conditional-expression = false
# Always break parameter lists with promoted properties.
break-promoted-properties-list = true
# Place the binary operator on the next line when breaking.
line-before-binary-operator = true
# Always break named argument lists into multiple lines.
always-break-named-arguments-list = true
# Always break named argument lists in attributes.
always-break-attribute-named-argument-lists = true
# Use table-style alignment for arrays.
array-table-style-alignment = true
# Sort use statements alphabetically.
sort-uses = true
# Insert a blank line between different types of use statements.
separate-use-types = true
# Expand grouped use statements into individual statements.
expand-use-groups = true
# How to format null type hints (null|T vs ?T).
null-type-hint = "null_pipe"
# Add parentheses around new in member access ((new Foo)->bar()).
parentheses-around-new-in-member-access = false
# Add parentheses to new expressions without arguments (new Foo()).
parentheses-in-new-expression = true
# Add parentheses to exit and die constructs.
parentheses-in-exit-and-die = true
# Add parentheses to attributes without arguments.
parentheses-in-attribute = true
# Add a space before arrow function parameters.
space-before-arrow-function-parameter-list-parenthesis = false
[linter]
integrations = ["wordpress"]

0
mise.toml
View file

85
package.json
View file

@ -9,62 +9,60 @@
"keywords": [],
"scripts": { "knip": "knip" },
"dependencies": {
"@effect/language-service": "^0.64.1",
"@logtape/logtape": "^1.3.6",
"@effect/language-service": "^0.60.0",
"@mobily/ts-belt": "v4.0.0-rc.5",
"@sentry/browser": "^10.32.1",
"@sentry/browser": "^10.47.0",
"a11y-dialog": "^8.1.4",
"chalk": "^5.6.2",
"effect": "^3.19.14",
"lit-html": "^3.3.2",
"loglevel": "^1.9.2",
"loglevel-plugin-prefix": "^0.8.4",
"effect": "^3.21.0",
"lit-html": "^3.3.1",
"optics-ts": "^2.4.1",
"purify-ts": "2.1.2",
"ts-pattern": "^5.9.0",
"valibot": "1.1.0"
},
"devDependencies": {
"@biomejs/biome": "^2.3.11",
"@cspell/dict-fr-fr": "^2.3.2",
"@eslint/js": "^9.39.2",
"@playwright/test": "^1.57.0",
"@prettier/plugin-xml": "^3.4.2",
"@sentry/core": "^10.32.1",
"@effect/language-service": "^0.84.2",
"@gcch/configuration-eslint": "git+https://git.gcch.fr/gcch/configuration-eslint#62ee424274",
"@gcch/configuration-oxlint": "git+https://git.gcch.fr/gcch/configuration-oxlint#c53b1c1f78",
"@gcch/configuration-prettier": "git+https://git.gcch.fr/gcch/configuration-prettier#8de937e801",
"@playwright/test": "^1.59.0",
"@sentry/core": "^10.47.0",
"@swc/cli": "0.7.8",
"@types/eslint__js": "^9.14.0",
"@types/node": "^25.0.3",
"@vitejs/plugin-legacy": "^7.2.1",
"@types/bun": "^1.3.11",
"@types/node": "^25.5.0",
"@vitejs/plugin-legacy": "^8.0.1",
"better-typescript-lib": "^2.12.0",
"browserslist": "^4.28.1",
"caniuse-lite": "^1.0.30001763",
"eslint": "^9.39.2",
"eslint-plugin-oxlint": "^1.38.0",
"eslint-plugin-perfectionist": "^5.3.1",
"browserslist": "^4.28.2",
"caniuse-lite": "^1.0.30001784",
"eslint": "^10.1.0",
"eslint-plugin-functional": "^9.0.4",
"eslint-plugin-jsx-a11y": "^6.10.2",
"eslint-plugin-oxlint": "^1.58.0",
"eslint-plugin-perfectionist": "^5.7.0",
"eslint-plugin-sonarjs": "^4.0.2",
"fdir": "^6.5.0",
"globals": "^17.0.0",
"knip": "^5.80.0",
"lightningcss-cli": "^1.30.2",
"oxlint": "^1.38.0",
"picomatch": "^4.0.3",
"playwright": "^1.57.0",
"prettier": "^4.0.0-alpha.13",
"globals": "^17.4.0",
"jiti": "^2.6.1",
"knip": "^6.1.1",
"lightningcss": "^1.32.0",
"lightningcss-cli": "^1.32.0",
"oxlint": "^1.58.0",
"oxlint-tsgolint": "^0.19.0",
"prettier": "^3.8.1",
"prettier-plugin-pkg": "^0.21.2",
"prettier-plugin-sh": "^0.18.0",
"sass-embedded": "^1.97.2",
"stylelint": "^16.26.1",
"stylelint-config-clean-order": "^8.0.0",
"stylelint-config-sass-guidelines": "^12.1.0",
"stylelint-config-standard-scss": "^16.0.0",
"stylelint-declaration-block-no-ignored-properties": "^2.8.0",
"stylelint-plugin-logical-css": "^1.2.3",
"typescript": "5.9.3",
"typescript-eslint": "^8.52.0",
"vite": "^8.0.0-beta.0",
"vite-plugin-valibot-env": "^1.0.1",
"vite-tsconfig-paths": "^6.0.3",
"vitest": "^4.0.16",
"wp-types": "^4.69.0"
"sass-embedded": "^1.98.0",
"stylelint": "^17.6.0",
"stylelint-config-clean-order": "^8.0.1",
"stylelint-config-sass-guidelines": "^13.0.0",
"stylelint-config-standard-scss": "^17.0.0",
"stylelint-declaration-block-no-ignored-properties": "^3.0.0",
"stylelint-plugin-logical-css": "^2.1.0",
"typescript": "6.0.2",
"typescript-eslint": "^8.48.1",
"vite": "^8.0.3",
"vite-tsconfig-paths": "^6.1.1"
},
"browserslist": [
"chrome >0 and last 3 years",
@ -79,6 +77,5 @@
"entry": ["web/app/themes/haiku-atelier-2024/src/scripts/*.ts"],
"project": ["web/app/themes/haiku-atelier-2024/src/scripts/**/*.{js,ts,d.ts}"]
},
"trustedDependencies": ["@biomejs/biome", "@parcel/watcher", "@swc/core", "core-js", "esbuild", "lightningcss-cli"],
"overrides": { "vite": "8.0.0-beta.0" }
"trustedDependencies": ["@parcel/watcher", "core-js"]
}

954
phpactor.schema.json
View file

@ -1,492 +1,492 @@
{
"$schema": "https:\/\/json-schema.org\/draft-07\/schema",
"title": "Phpactor Configuration Schema",
"type": "object",
"properties": {
"$schema": {
"description": "Path to JSON schema, which can be used for config autocompletion, use phpactor config:initialize to update",
"default": ""
"default": "",
"description": "Path to JSON schema, which can be used for config autocompletion, use phpactor config:initialize to update"
},
"console_dumper_default": {
"description": "Name of the \"dumper\" (renderer) to use for some CLI commands",
"default": "indented"
},
"xdebug_disable": { "description": "If XDebug should be automatically disabled", "default": true },
"command": { "description": "Internal use only - name of the command which was executed" },
"core.min_memory_limit": {
"description": "Ensure that PHP has a memory_limit of at least this amount in bytes",
"default": 1610612736
},
"class_to_file.project_root": {
"description": "Root path of the project (e.g. where composer.json is)",
"default": "%project_root%"
},
"class_to_file.brute_force_conversion": {
"description": "If composer not found, fallback to scanning all files (very time consuming depending on project size)",
"default": true
},
"code_transform.class_new.variants": {
"description": "Variants which should be suggested when class-create is invoked",
"default": []
},
"code_transform.template_paths": {
"description": "Paths in which to look for code templates",
"default": ["%project_config%\/templates", "%config%\/templates"]
},
"code_transform.indentation": {
"description": "Indentation chars to use in code generation and transformation",
"default": " "
},
"code_transform.refactor.generate_accessor.prefix": {
"description": "Prefix to use for generated accessors",
"default": ""
},
"code_transform.refactor.generate_accessor.upper_case_first": {
"description": "If the first letter of a generated accessor should be made uppercase",
"default": false
},
"code_transform.refactor.generate_mutator.prefix": {
"description": "Prefix to use for generated mutators",
"default": "set"
},
"code_transform.refactor.generate_mutator.upper_case_first": {
"description": "If the first letter of a generated mutator should be made uppercase",
"default": true
},
"code_transform.refactor.generate_mutator.fluent": {
"description": "If the mutator should be fluent",
"default": false
},
"code_transform.import_globals": {
"description": "Import functions even if they are in the global namespace",
"default": false
},
"code_transform.refactor.object_fill.hint": {
"description": "Object fill refactoring: show hint as a comment",
"default": true
},
"code_transform.refactor.object_fill.named_parameters": {
"description": "Object fill refactoring: use named parameters",
"default": true
},
"completion_worse.completor.doctrine_annotation.enabled": {
"description": "Enable or disable the ``doctrine_annotation`` completor.\n\nCompletion for annotations provided by the Doctrine annotation library.",
"default": true
},
"completion_worse.completor.imported_names.enabled": {
"description": "Enable or disable the ``imported_names`` completor.\n\nCompletion for names imported into the current namespace.",
"default": true
},
"completion_worse.completor.worse_parameter.enabled": {
"description": "Enable or disable the ``worse_parameter`` completor.\n\nCompletion for method or function parameters.",
"default": true
},
"completion_worse.completor.named_parameter.enabled": {
"description": "Enable or disable the ``named_parameter`` completor.\n\nCompletion for named parameters.",
"default": true
},
"completion_worse.completor.constructor.enabled": {
"description": "Enable or disable the ``constructor`` completor.\n\nCompletion for constructors.",
"default": true
},
"completion_worse.completor.class_member.enabled": {
"description": "Enable or disable the ``class_member`` completor.\n\nCompletion for class members.",
"default": true
},
"completion_worse.completor.scf_class.enabled": {
"description": "Enable or disable the ``scf_class`` completor.\n\nBrute force completion for class names (not recommended).",
"default": true
},
"completion_worse.completor.local_variable.enabled": {
"description": "Enable or disable the ``local_variable`` completor.\n\nCompletion for local variables.",
"default": true
},
"completion_worse.completor.subscript.enabled": {
"description": "Enable or disable the ``subscript`` completor.\n\nCompletion for subscript (array access from array shapes).",
"default": true
},
"completion_worse.completor.declared_function.enabled": {
"description": "Enable or disable the ``declared_function`` completor.\n\nCompletion for functions defined in the Phpactor runtime.",
"default": true
},
"completion_worse.completor.declared_constant.enabled": {
"description": "Enable or disable the ``declared_constant`` completor.\n\nCompletion for constants defined in the Phpactor runtime.",
"default": true
},
"completion_worse.completor.declared_class.enabled": {
"description": "Enable or disable the ``declared_class`` completor.\n\nCompletion for classes defined in the Phpactor runtime.",
"default": true
},
"completion_worse.completor.expression_name_search.enabled": {
"description": "Enable or disable the ``expression_name_search`` completor.\n\nCompletion for class names, constants and functions at expression positions that are located in the index.",
"default": true
},
"completion_worse.completor.use.enabled": {
"description": "Enable or disable the ``use`` completor.\n\nCompletion for use imports.",
"default": true
},
"completion_worse.completor.attribute.enabled": {
"description": "Enable or disable the ``attribute`` completor.\n\nCompletion for attribute class names.",
"default": true
},
"completion_worse.completor.class_like.enabled": {
"description": "Enable or disable the ``class_like`` completor.\n\nCompletion for class like contexts.",
"default": true
},
"completion_worse.completor.type.enabled": {
"description": "Enable or disable the ``type`` completor.\n\nCompletion for scalar types.",
"default": true
},
"completion_worse.completor.keyword.enabled": {
"description": "Enable or disable the ``keyword`` completor.\n\nCompletion for keywords (not very accurate).",
"default": true
},
"completion_worse.completor.docblock.enabled": {
"description": "Enable or disable the ``docblock`` completor.\n\nDocblock completion.",
"default": true
},
"completion_worse.completor.constant.enabled": { "description": null, "default": false },
"completion_worse.completor.class.limit": {
"description": "Suggestion limit for the filesystem based SCF class_completor",
"default": 100
},
"completion_worse.name_completion_priority": {
"description": "Strategy to use when ordering completion results for classes and functions:\n\n- `proximity`: Classes and functions will be ordered by their proximity to the text document being edited.\n- `none`: No ordering will be applied.",
"default": "proximity"
},
"completion_worse.snippets": { "description": "Enable or disable completion snippets", "default": true },
"completion_worse.experimantal": { "description": "Enable experimental functionality", "default": false },
"completion_worse.debug": { "description": "Include debug info in completion results", "default": false },
"completion.dedupe": { "description": "If results should be de-duplicated", "default": true },
"completion.dedupe_match_fqn": {
"description": "If ``completion.dedupe``, consider the class FQN in addition to the completion suggestion",
"default": true
},
"completion.limit": { "description": "Sets a limit on the number of completion suggestions for any request" },
"completion.label_formatter": {
"description": "Definition of how to format entries in the completion list",
"default": "helpful",
"enum": ["helpful", "fqn"]
},
"navigator.destinations": { "description": null, "default": [] },
"navigator.autocreate": { "description": null, "default": [] },
"rpc.store_replay": { "description": "Should replays be stored?", "default": false },
"rpc.replay_path": { "description": "Path where the replays should be stored", "default": "%cache%\/replay.json" },
"source_code_filesystem.project_root": { "description": null, "default": "%project_root%" },
"language_server_code_transform.import_globals": {
"description": "Show hints for non-imported global classes and functions",
"default": false
},
"worse_reflection.enable_cache": { "description": "If reflection caching should be enabled", "default": true },
"worse_reflection.cache_lifetime": {
"description": "If caching is enabled, limit the amount of time a cache entry can stay alive",
"default": 1
},
"worse_reflection.enable_context_location": {
"description": "If source code is passed to a ``Reflector`` then temporarily make it available as a\nsource location. Note this should NOT be enabled if the source code can be\nlocated in another (e.g. when running a Language Server)",
"default": true
},
"worse_reflection.cache_dir": {
"description": "Cache directory for stubs",
"default": "%cache%\/worse-reflection"
},
"worse_reflection.stub_dir": {
"description": "Location of the core PHP stubs - these will be scanned and cached on the first request",
"default": "%application_root%\/vendor\/jetbrains\/phpstorm-stubs"
},
"worse_reflection.diagnostics.undefined_variable.suggestion_levenshtein_disatance": {
"description": "Levenshtein distance to use when suggesting corrections for variable names",
"type": ["integer"],
"default": 4
},
"file_path_resolver.project_root": { "description": null, "default": "\/opt\/phpactor" },
"file_path_resolver.app_name": { "description": null, "default": "phpactor" },
"file_path_resolver.application_root": { "description": null },
"file_path_resolver.enable_cache": { "description": null, "default": true },
"file_path_resolver.enable_logging": { "description": null, "default": true },
"logging.enabled": { "description": null, "type": ["boolean"], "default": false },
"logging.fingers_crossed": { "description": null, "type": ["boolean"], "default": false },
"logging.path": { "description": null, "type": ["string"], "default": "application.log" },
"logging.level": {
"description": null,
"type": ["string"],
"default": "warning",
"enum": ["emergency", "alert", "critical", "error", "warning", "notice", "info", "debug"]
},
"logger.name": { "description": null, "type": ["string"], "default": "logger" },
"logging.formatter": { "description": null },
"composer.enable": {
"description": "Include of the projects autoloader to facilitate class location. Note that when including an autoloader code _may_ be executed. This option may be disabled when using the indexer",
"default": true
},
"composer.autoloader_path": {
"description": "Path to project's autoloader, can be an array",
"default": "%project_root%\/vendor\/autoload.php"
},
"composer.autoload_deregister": {
"description": "Immediately de-register the autoloader once it has been included (prevent conflicts with Phpactor's autoloader). Some platforms may require this to be disabled",
"default": true
},
"composer.class_maps_only": {
"description": "Register the composer class maps only, do not register the autoloader - RECOMMENDED",
"default": true
},
"console.verbosity": { "description": "Verbosity level", "default": 32, "enum": [16, 32, 64, 128, 256] },
"console.decorated": {
"description": "Whether to decorate messages (null for auto-guessing)",
"enum": [true, false, null]
},
"php.version": {
"description": "Consider this value to be the project\\'s version of PHP (e.g. `7.4`). If omitted\nit will check `composer.json` (by the configured platform then the PHP requirement) before\nfalling back to the PHP version of the current process."
},
"language_server.catch_errors": { "description": null, "default": true },
"language_server.enable_workspace": {
"description": "If workspace management \/ text synchronization should be enabled (this isn't required for some language server implementations, e.g. static analyzers)",
"default": true
},
"language_server.session_parameters": {
"description": "Phpactor parameters (config) that apply only to the language server session",
"default": []
},
"language_server.method_alias_map": {
"description": "Allow method names to be re-mapped. Useful for maintaining backwards compatibility",
"default": []
},
"language_server.diagnostic_sleep_time": {
"description": "Amount of time to wait before analyzing the code again for diagnostics",
"default": 1000
},
"language_server.diagnostics_on_update": {
"description": "Perform diagnostics when the text document is updated",
"default": true
},
"language_server.diagnostics_on_save": {
"description": "Perform diagnostics when the text document is saved",
"default": true
},
"language_server.diagnostics_on_open": {
"description": "Perform diagnostics when opening a text document",
"default": true
},
"language_server.diagnostic_providers": {
"description": "Specify which diagnostic providers should be active (default to all)"
},
"language_server.diagnostic_outsource": {
"description": "If applicable diagnostics should be \"outsourced\" to a different process",
"default": true
},
"language_server.diagnostic_exclude_paths": {
"description": "List of paths to exclude from diagnostics, e.g. `vendor\/**\/*`",
"default": []
},
"language_server.file_events": { "description": "Register to receive file events", "default": true },
"language_server.file_event_globs": { "description": null, "default": ["**\/*.php"] },
"language_server.profile": { "description": "Logs timing information for incoming LSP requests", "default": false },
"language_server.trace": {
"description": "Log incoming and outgoing messages (needs log formatter to be set to ``json``)",
"default": false
},
"language_server.shutdown_grace_period": {
"description": "Amount of time (in milliseconds) to wait before responding to a shutdown notification",
"default": 200
},
"language_server.phpactor_bin": {
"description": "Internal use only - name path to Phpactor binary",
"default": "\/opt\/phpactor\/lib\/Extension\/LanguageServer\/..\/..\/..\/bin\/phpactor"
},
"language_server.self_destruct_timeout": {
"description": "Wait this amount of time (in milliseconds) after a shutdown request before self-destructing",
"default": 2500
},
"language_server.diagnostic_outsource_timeout": {
"description": "Kill the diagnostics process if it outlives this timeout",
"default": 5
},
"language_server_completion.trim_leading_dollar": {
"description": "If the leading dollar should be trimmed for variable completion suggestions",
"default": false
},
"language_server_reference_reference_finder.reference_timeout": {
"description": "Stop searching for references after this time (in seconds) has expired",
"default": 60
},
"language_server_worse_reflection.workspace_index.update_interval": {
"description": "Minimum interval to update the workspace index as documents are updated (in milliseconds)",
"default": 100
},
"language_server_worse_reflection.inlay_hints.enable": {
"description": "Enable inlay hints (experimental)",
"default": false
},
"language_server_worse_reflection.inlay_hints.types": {
"description": "Show inlay type hints for variables",
"default": false
},
"language_server_worse_reflection.inlay_hints.params": {
"description": "Show inlay hints for parameters",
"default": true
},
"language_server_worse_reflection.diagnostics.enable": { "description": "Enable diagnostics", "default": true },
"language_server_indexer.workspace_symbol_search_limit": { "description": null, "default": 250 },
"language_server_indexer.reindex_timeout": {
"description": "Unconditionally reindex modified files every N seconds",
"default": 300
},
"language_server_code_transform.import_name.report_non_existing_names": {
"description": "Show an error if a diagnostic name cannot be resolved - can produce false positives",
"default": true
},
"language_server_configuration.auto_config": {
"description": "Prompt to enable extensions which apply to your project on language server start",
"type": ["boolean"],
"default": true
},
"indexer.enabled_watchers": {
"description": "List of allowed watchers. The first watcher that supports the current system will be used",
"type": ["object"],
"default": ["inotify", "watchman", "find", "php"]
},
"indexer.index_path": {
"description": "Path where the index should be saved",
"type": ["string"],
"default": "%cache%\/index\/%project_id%"
},
"indexer.include_patterns": {
"description": "Glob patterns to include while indexing",
"type": ["object"],
"default": ["\/**\/*.php", "\/**\/*.phar"]
},
"indexer.exclude_patterns": {
"description": "Glob patterns to exclude while indexing",
"type": ["object"],
"default": ["\/vendor\/**\/Tests\/**\/*", "\/vendor\/**\/tests\/**\/*", "\/vendor\/composer\/**\/*"]
},
"indexer.stub_paths": {
"description": "Paths to external folders to index. They will be indexed only once, if you want to take any changes into account you will have to reindex your project manually.",
"type": ["object"],
"default": []
},
"indexer.poll_time": {
"description": "For polling indexers only: the time, in milliseconds, between polls (e.g. filesystem scans)",
"type": ["integer"],
"default": 5000
},
"indexer.buffer_time": {
"description": "For real-time indexers only: the time, in milliseconds, to buffer the results",
"type": ["integer"],
"default": 500
},
"indexer.follow_symlinks": {
"description": "To allow indexer to follow symlinks",
"type": ["boolean"],
"default": false
},
"indexer.project_root": {
"description": "The root path to use for scanning the index",
"type": ["string"],
"default": "%project_root%"
},
"indexer.reference_finder.deep": {
"description": "Recurse over class implementations to resolve all references",
"type": ["boolean"],
"default": true
},
"indexer.implementation_finder.deep": {
"description": "Recurse over class implementations to resolve all class implementations (not just the classes directly implementing the subject)",
"type": ["boolean"],
"default": true
},
"indexer.supported_extensions": {
"description": "File extensions (e.g. `php`) for files that should be indexed",
"type": ["object"],
"default": ["php", "phar"]
},
"object_renderer.template_paths.markdown": {
"description": "Paths in which to look for templates for hover information.",
"default": ["%project_config%\/templates\/markdown", "%config%\/templates\/markdown"]
},
"language_server_phpstan.bin": {
"description": "Path to the PHPStan executable",
"default": "%project_root%\/vendor\/bin\/phpstan"
},
"language_server_phpstan.level": { "description": "Override the PHPStan level" },
"language_server_phpstan.config": { "description": "Override the PHPStan configuration file" },
"language_server_phpstan.mem_limit": { "description": "Override the PHPStan memory limit" },
"language_server_psalm.bin": {
"description": "Path to psalm if different from vendor\/bin\/psalm",
"type": ["string"],
"default": "%project_root%\/vendor\/bin\/psalm"
},
"language_server_psalm.show_info": {
"description": "If infos from psalm should be displayed",
"type": ["boolean"],
"default": true
},
"language_server_psalm.use_cache": {
"description": "If the Psalm cache should be used (see the `--no-cache` option)",
"type": ["boolean"],
"default": true
},
"language_server_psalm.error_level": {
"description": "Override level at which Psalm should report errors (lower => more errors)"
},
"language_server_psalm.threads": {
"description": "Set the number of threads Psalm should use. Warning: NULL will use as many as possible and may crash your computer",
"type": ["integer"],
"default": 1
},
"language_server_psalm.timeout": {
"description": "Kill the psalm process after this number of seconds",
"type": ["integer"],
"default": 15
},
"language_server_php_cs_fixer.bin": {
"description": "Path to the php-cs-fixer executable",
"default": "%project_root%\/vendor\/bin\/php-cs-fixer"
},
"language_server_php_cs_fixer.env": {
"description": "Environment for PHP CS Fixer (e.g. to set PHP_CS_FIXER_IGNORE_ENV)",
"default": { "XDEBUG_MODE": "off", "PHP_CS_FIXER_IGNORE_ENV": true }
},
"language_server_php_cs_fixer.show_diagnostics": {
"description": "Whether PHP CS Fixer diagnostics are shown",
"default": true
},
"language_server_php_cs_fixer.config": {
"description": "Set custom PHP CS config path. Ex., %project_root%\/.php-cs-fixer.php"
},
"php_code_sniffer.bin": {
"description": "Path to the phpcs executable",
"default": "%project_root%\/vendor\/bin\/phpcs"
},
"php_code_sniffer.env": {
"description": "Environment for PHP_CodeSniffer (e.g. to set XDEBUG_MODE)",
"default": { "XDEBUG_MODE": "off" }
},
"php_code_sniffer.show_diagnostics": {
"description": "Whether PHP_CodeSniffer diagnostics are shown",
"default": true
},
"php_code_sniffer.args": { "description": "Additional arguments to pass to the PHPCS process", "default": [] },
"php_code_sniffer.cwd": { "description": "Working directory for PHPCS" },
"behat.config_path": {
"description": "Path to the main behat.yml (including the filename behat.yml)",
"default": "%project_root%\/behat.yml"
"default": "%project_root%\/behat.yml",
"description": "Path to the main behat.yml (including the filename behat.yml)"
},
"behat.symfony.di_xml_path": {
"description": "If using Symfony, set this path to the XML container dump to find contexts which are defined as services"
},
"symfony.xml_path": {
"description": "Path to the Symfony container XML dump file",
"default": "%project_root%\/var\/cache\/dev\/App_KernelDevDebugContainer.xml"
"class_to_file.brute_force_conversion": {
"default": true,
"description": "If composer not found, fallback to scanning all files (very time consuming depending on project size)"
},
"class_to_file.project_root": {
"default": "%project_root%",
"description": "Root path of the project (e.g. where composer.json is)"
},
"code_transform.class_new.variants": {
"default": [],
"description": "Variants which should be suggested when class-create is invoked"
},
"code_transform.import_globals": {
"default": false,
"description": "Import functions even if they are in the global namespace"
},
"code_transform.indentation": {
"default": " ",
"description": "Indentation chars to use in code generation and transformation"
},
"code_transform.refactor.generate_accessor.prefix": {
"default": "",
"description": "Prefix to use for generated accessors"
},
"code_transform.refactor.generate_accessor.upper_case_first": {
"default": false,
"description": "If the first letter of a generated accessor should be made uppercase"
},
"code_transform.refactor.generate_mutator.fluent": {
"default": false,
"description": "If the mutator should be fluent"
},
"code_transform.refactor.generate_mutator.prefix": {
"default": "set",
"description": "Prefix to use for generated mutators"
},
"code_transform.refactor.generate_mutator.upper_case_first": {
"default": true,
"description": "If the first letter of a generated mutator should be made uppercase"
},
"code_transform.refactor.object_fill.hint": {
"default": true,
"description": "Object fill refactoring: show hint as a comment"
},
"code_transform.refactor.object_fill.named_parameters": {
"default": true,
"description": "Object fill refactoring: use named parameters"
},
"code_transform.template_paths": {
"default": ["%project_config%\/templates", "%config%\/templates"],
"description": "Paths in which to look for code templates"
},
"command": { "description": "Internal use only - name of the command which was executed" },
"completion.dedupe": { "default": true, "description": "If results should be de-duplicated" },
"completion.dedupe_match_fqn": {
"default": true,
"description": "If ``completion.dedupe``, consider the class FQN in addition to the completion suggestion"
},
"completion.label_formatter": {
"default": "helpful",
"description": "Definition of how to format entries in the completion list",
"enum": ["helpful", "fqn"]
},
"completion.limit": { "description": "Sets a limit on the number of completion suggestions for any request" },
"completion_worse.completor.attribute.enabled": {
"default": true,
"description": "Enable or disable the ``attribute`` completor.\n\nCompletion for attribute class names."
},
"completion_worse.completor.class.limit": {
"default": 100,
"description": "Suggestion limit for the filesystem based SCF class_completor"
},
"completion_worse.completor.class_like.enabled": {
"default": true,
"description": "Enable or disable the ``class_like`` completor.\n\nCompletion for class like contexts."
},
"completion_worse.completor.class_member.enabled": {
"default": true,
"description": "Enable or disable the ``class_member`` completor.\n\nCompletion for class members."
},
"completion_worse.completor.constant.enabled": { "default": false, "description": null },
"completion_worse.completor.constructor.enabled": {
"default": true,
"description": "Enable or disable the ``constructor`` completor.\n\nCompletion for constructors."
},
"completion_worse.completor.declared_class.enabled": {
"default": true,
"description": "Enable or disable the ``declared_class`` completor.\n\nCompletion for classes defined in the Phpactor runtime."
},
"completion_worse.completor.declared_constant.enabled": {
"default": true,
"description": "Enable or disable the ``declared_constant`` completor.\n\nCompletion for constants defined in the Phpactor runtime."
},
"completion_worse.completor.declared_function.enabled": {
"default": true,
"description": "Enable or disable the ``declared_function`` completor.\n\nCompletion for functions defined in the Phpactor runtime."
},
"completion_worse.completor.docblock.enabled": {
"default": true,
"description": "Enable or disable the ``docblock`` completor.\n\nDocblock completion."
},
"completion_worse.completor.doctrine_annotation.enabled": {
"default": true,
"description": "Enable or disable the ``doctrine_annotation`` completor.\n\nCompletion for annotations provided by the Doctrine annotation library."
},
"completion_worse.completor.expression_name_search.enabled": {
"default": true,
"description": "Enable or disable the ``expression_name_search`` completor.\n\nCompletion for class names, constants and functions at expression positions that are located in the index."
},
"completion_worse.completor.imported_names.enabled": {
"default": true,
"description": "Enable or disable the ``imported_names`` completor.\n\nCompletion for names imported into the current namespace."
},
"completion_worse.completor.keyword.enabled": {
"default": true,
"description": "Enable or disable the ``keyword`` completor.\n\nCompletion for keywords (not very accurate)."
},
"completion_worse.completor.local_variable.enabled": {
"default": true,
"description": "Enable or disable the ``local_variable`` completor.\n\nCompletion for local variables."
},
"completion_worse.completor.named_parameter.enabled": {
"default": true,
"description": "Enable or disable the ``named_parameter`` completor.\n\nCompletion for named parameters."
},
"completion_worse.completor.scf_class.enabled": {
"default": true,
"description": "Enable or disable the ``scf_class`` completor.\n\nBrute force completion for class names (not recommended)."
},
"completion_worse.completor.subscript.enabled": {
"default": true,
"description": "Enable or disable the ``subscript`` completor.\n\nCompletion for subscript (array access from array shapes)."
},
"completion_worse.completor.symfony.enabled": {
"description": "Enable\/disable the Symfony completor - depends on Symfony extension being enabled",
"default": true
"default": true,
"description": "Enable\/disable the Symfony completor - depends on Symfony extension being enabled"
},
"completion_worse.completor.type.enabled": {
"default": true,
"description": "Enable or disable the ``type`` completor.\n\nCompletion for scalar types."
},
"completion_worse.completor.use.enabled": {
"default": true,
"description": "Enable or disable the ``use`` completor.\n\nCompletion for use imports."
},
"completion_worse.completor.worse_parameter.enabled": {
"default": true,
"description": "Enable or disable the ``worse_parameter`` completor.\n\nCompletion for method or function parameters."
},
"completion_worse.debug": { "default": false, "description": "Include debug info in completion results" },
"completion_worse.experimantal": { "default": false, "description": "Enable experimental functionality" },
"completion_worse.name_completion_priority": {
"default": "proximity",
"description": "Strategy to use when ordering completion results for classes and functions:\n\n- `proximity`: Classes and functions will be ordered by their proximity to the text document being edited.\n- `none`: No ordering will be applied."
},
"completion_worse.snippets": { "default": true, "description": "Enable or disable completion snippets" },
"composer.autoload_deregister": {
"default": true,
"description": "Immediately de-register the autoloader once it has been included (prevent conflicts with Phpactor's autoloader). Some platforms may require this to be disabled"
},
"composer.autoloader_path": {
"default": "%project_root%\/vendor\/autoload.php",
"description": "Path to project's autoloader, can be an array"
},
"composer.class_maps_only": {
"default": true,
"description": "Register the composer class maps only, do not register the autoloader - RECOMMENDED"
},
"composer.enable": {
"default": true,
"description": "Include of the projects autoloader to facilitate class location. Note that when including an autoloader code _may_ be executed. This option may be disabled when using the indexer"
},
"console.decorated": {
"description": "Whether to decorate messages (null for auto-guessing)",
"enum": [true, false, null]
},
"console.verbosity": { "default": 32, "description": "Verbosity level", "enum": [16, 32, 64, 128, 256] },
"console_dumper_default": {
"default": "indented",
"description": "Name of the \"dumper\" (renderer) to use for some CLI commands"
},
"core.min_memory_limit": {
"default": 1610612736,
"description": "Ensure that PHP has a memory_limit of at least this amount in bytes"
},
"file_path_resolver.app_name": { "default": "phpactor", "description": null },
"file_path_resolver.application_root": { "description": null },
"file_path_resolver.enable_cache": { "default": true, "description": null },
"file_path_resolver.enable_logging": { "default": true, "description": null },
"file_path_resolver.project_root": { "default": "\/opt\/phpactor", "description": null },
"indexer.buffer_time": {
"default": 500,
"description": "For real-time indexers only: the time, in milliseconds, to buffer the results",
"type": ["integer"]
},
"indexer.enabled_watchers": {
"default": ["inotify", "watchman", "find", "php"],
"description": "List of allowed watchers. The first watcher that supports the current system will be used",
"type": ["object"]
},
"indexer.exclude_patterns": {
"default": ["\/vendor\/**\/Tests\/**\/*", "\/vendor\/**\/tests\/**\/*", "\/vendor\/composer\/**\/*"],
"description": "Glob patterns to exclude while indexing",
"type": ["object"]
},
"indexer.follow_symlinks": {
"default": false,
"description": "To allow indexer to follow symlinks",
"type": ["boolean"]
},
"indexer.implementation_finder.deep": {
"default": true,
"description": "Recurse over class implementations to resolve all class implementations (not just the classes directly implementing the subject)",
"type": ["boolean"]
},
"indexer.include_patterns": {
"default": ["\/**\/*.php", "\/**\/*.phar"],
"description": "Glob patterns to include while indexing",
"type": ["object"]
},
"indexer.index_path": {
"default": "%cache%\/index\/%project_id%",
"description": "Path where the index should be saved",
"type": ["string"]
},
"indexer.poll_time": {
"default": 5000,
"description": "For polling indexers only: the time, in milliseconds, between polls (e.g. filesystem scans)",
"type": ["integer"]
},
"indexer.project_root": {
"default": "%project_root%",
"description": "The root path to use for scanning the index",
"type": ["string"]
},
"indexer.reference_finder.deep": {
"default": true,
"description": "Recurse over class implementations to resolve all references",
"type": ["boolean"]
},
"indexer.stub_paths": {
"default": [],
"description": "Paths to external folders to index. They will be indexed only once, if you want to take any changes into account you will have to reindex your project manually.",
"type": ["object"]
},
"indexer.supported_extensions": {
"default": ["php", "phar"],
"description": "File extensions (e.g. `php`) for files that should be indexed",
"type": ["object"]
},
"language_server.catch_errors": { "default": true, "description": null },
"language_server.diagnostic_exclude_paths": {
"default": [],
"description": "List of paths to exclude from diagnostics, e.g. `vendor\/**\/*`"
},
"language_server.diagnostic_outsource": {
"default": true,
"description": "If applicable diagnostics should be \"outsourced\" to a different process"
},
"language_server.diagnostic_outsource_timeout": {
"default": 5,
"description": "Kill the diagnostics process if it outlives this timeout"
},
"language_server.diagnostic_providers": {
"description": "Specify which diagnostic providers should be active (default to all)"
},
"language_server.diagnostic_sleep_time": {
"default": 1000,
"description": "Amount of time to wait before analyzing the code again for diagnostics"
},
"language_server.diagnostics_on_open": {
"default": true,
"description": "Perform diagnostics when opening a text document"
},
"language_server.diagnostics_on_save": {
"default": true,
"description": "Perform diagnostics when the text document is saved"
},
"language_server.diagnostics_on_update": {
"default": true,
"description": "Perform diagnostics when the text document is updated"
},
"language_server.enable_workspace": {
"default": true,
"description": "If workspace management \/ text synchronization should be enabled (this isn't required for some language server implementations, e.g. static analyzers)"
},
"language_server.file_event_globs": { "default": ["**\/*.php"], "description": null },
"language_server.file_events": { "default": true, "description": "Register to receive file events" },
"language_server.method_alias_map": {
"default": [],
"description": "Allow method names to be re-mapped. Useful for maintaining backwards compatibility"
},
"language_server.phpactor_bin": {
"default": "\/opt\/phpactor\/lib\/Extension\/LanguageServer\/..\/..\/..\/bin\/phpactor",
"description": "Internal use only - name path to Phpactor binary"
},
"language_server.profile": { "default": false, "description": "Logs timing information for incoming LSP requests" },
"language_server.self_destruct_timeout": {
"default": 2500,
"description": "Wait this amount of time (in milliseconds) after a shutdown request before self-destructing"
},
"language_server.session_parameters": {
"default": [],
"description": "Phpactor parameters (config) that apply only to the language server session"
},
"language_server.shutdown_grace_period": {
"default": 200,
"description": "Amount of time (in milliseconds) to wait before responding to a shutdown notification"
},
"language_server.trace": {
"default": false,
"description": "Log incoming and outgoing messages (needs log formatter to be set to ``json``)"
},
"language_server_code_transform.import_globals": {
"default": false,
"description": "Show hints for non-imported global classes and functions"
},
"language_server_code_transform.import_name.report_non_existing_names": {
"default": true,
"description": "Show an error if a diagnostic name cannot be resolved - can produce false positives"
},
"language_server_completion.trim_leading_dollar": {
"default": false,
"description": "If the leading dollar should be trimmed for variable completion suggestions"
},
"language_server_configuration.auto_config": {
"default": true,
"description": "Prompt to enable extensions which apply to your project on language server start",
"type": ["boolean"]
},
"language_server_indexer.reindex_timeout": {
"default": 300,
"description": "Unconditionally reindex modified files every N seconds"
},
"language_server_indexer.workspace_symbol_search_limit": { "default": 250, "description": null },
"language_server_php_cs_fixer.bin": {
"default": "%project_root%\/vendor\/bin\/php-cs-fixer",
"description": "Path to the php-cs-fixer executable"
},
"language_server_php_cs_fixer.config": {
"description": "Set custom PHP CS config path. Ex., %project_root%\/.php-cs-fixer.php"
},
"language_server_php_cs_fixer.env": {
"default": { "PHP_CS_FIXER_IGNORE_ENV": true, "XDEBUG_MODE": "off" },
"description": "Environment for PHP CS Fixer (e.g. to set PHP_CS_FIXER_IGNORE_ENV)"
},
"language_server_php_cs_fixer.show_diagnostics": {
"default": true,
"description": "Whether PHP CS Fixer diagnostics are shown"
},
"language_server_phpstan.bin": {
"default": "%project_root%\/vendor\/bin\/phpstan",
"description": "Path to the PHPStan executable"
},
"language_server_phpstan.config": { "description": "Override the PHPStan configuration file" },
"language_server_phpstan.level": { "description": "Override the PHPStan level" },
"language_server_phpstan.mem_limit": { "description": "Override the PHPStan memory limit" },
"language_server_psalm.bin": {
"default": "%project_root%\/vendor\/bin\/psalm",
"description": "Path to psalm if different from vendor\/bin\/psalm",
"type": ["string"]
},
"language_server_psalm.error_level": {
"description": "Override level at which Psalm should report errors (lower => more errors)"
},
"language_server_psalm.show_info": {
"default": true,
"description": "If infos from psalm should be displayed",
"type": ["boolean"]
},
"language_server_psalm.threads": {
"default": 1,
"description": "Set the number of threads Psalm should use. Warning: NULL will use as many as possible and may crash your computer",
"type": ["integer"]
},
"language_server_psalm.timeout": {
"default": 15,
"description": "Kill the psalm process after this number of seconds",
"type": ["integer"]
},
"language_server_psalm.use_cache": {
"default": true,
"description": "If the Psalm cache should be used (see the `--no-cache` option)",
"type": ["boolean"]
},
"language_server_reference_reference_finder.reference_timeout": {
"default": 60,
"description": "Stop searching for references after this time (in seconds) has expired"
},
"language_server_worse_reflection.diagnostics.enable": { "default": true, "description": "Enable diagnostics" },
"language_server_worse_reflection.inlay_hints.enable": {
"default": false,
"description": "Enable inlay hints (experimental)"
},
"language_server_worse_reflection.inlay_hints.params": {
"default": true,
"description": "Show inlay hints for parameters"
},
"language_server_worse_reflection.inlay_hints.types": {
"default": false,
"description": "Show inlay type hints for variables"
},
"language_server_worse_reflection.workspace_index.update_interval": {
"default": 100,
"description": "Minimum interval to update the workspace index as documents are updated (in milliseconds)"
},
"logger.name": { "default": "logger", "description": null, "type": ["string"] },
"logging.enabled": { "default": false, "description": null, "type": ["boolean"] },
"logging.fingers_crossed": { "default": false, "description": null, "type": ["boolean"] },
"logging.formatter": { "description": null },
"logging.level": {
"default": "warning",
"description": null,
"enum": ["emergency", "alert", "critical", "error", "warning", "notice", "info", "debug"],
"type": ["string"]
},
"logging.path": { "default": "application.log", "description": null, "type": ["string"] },
"navigator.autocreate": { "default": [], "description": null },
"navigator.destinations": { "default": [], "description": null },
"object_renderer.template_paths.markdown": {
"default": ["%project_config%\/templates\/markdown", "%config%\/templates\/markdown"],
"description": "Paths in which to look for templates for hover information."
},
"php.version": {
"description": "Consider this value to be the project\\'s version of PHP (e.g. `7.4`). If omitted\nit will check `composer.json` (by the configured platform then the PHP requirement) before\nfalling back to the PHP version of the current process."
},
"php_code_sniffer.args": { "default": [], "description": "Additional arguments to pass to the PHPCS process" },
"php_code_sniffer.bin": {
"default": "%project_root%\/vendor\/bin\/phpcs",
"description": "Path to the phpcs executable"
},
"php_code_sniffer.cwd": { "description": "Working directory for PHPCS" },
"php_code_sniffer.env": {
"default": { "XDEBUG_MODE": "off" },
"description": "Environment for PHP_CodeSniffer (e.g. to set XDEBUG_MODE)"
},
"php_code_sniffer.show_diagnostics": {
"default": true,
"description": "Whether PHP_CodeSniffer diagnostics are shown"
},
"public_services_only": {
"description": "Only consider public services when providing analysis for the service locator",
"default": false
}
}
"default": false,
"description": "Only consider public services when providing analysis for the service locator"
},
"rpc.replay_path": { "default": "%cache%\/replay.json", "description": "Path where the replays should be stored" },
"rpc.store_replay": { "default": false, "description": "Should replays be stored?" },
"source_code_filesystem.project_root": { "default": "%project_root%", "description": null },
"symfony.xml_path": {
"default": "%project_root%\/var\/cache\/dev\/App_KernelDevDebugContainer.xml",
"description": "Path to the Symfony container XML dump file"
},
"worse_reflection.cache_dir": {
"default": "%cache%\/worse-reflection",
"description": "Cache directory for stubs"
},
"worse_reflection.cache_lifetime": {
"default": 1,
"description": "If caching is enabled, limit the amount of time a cache entry can stay alive"
},
"worse_reflection.diagnostics.undefined_variable.suggestion_levenshtein_disatance": {
"default": 4,
"description": "Levenshtein distance to use when suggesting corrections for variable names",
"type": ["integer"]
},
"worse_reflection.enable_cache": { "default": true, "description": "If reflection caching should be enabled" },
"worse_reflection.enable_context_location": {
"default": true,
"description": "If source code is passed to a ``Reflector`` then temporarily make it available as a\nsource location. Note this should NOT be enabled if the source code can be\nlocated in another (e.g. when running a Language Server)"
},
"worse_reflection.stub_dir": {
"default": "%application_root%\/vendor\/jetbrains\/phpstorm-stubs",
"description": "Location of the core PHP stubs - these will be scanned and cached on the first request"
},
"xdebug_disable": { "default": true, "description": "If XDebug should be automatically disabled" }
},
"title": "Phpactor Configuration Schema",
"type": "object"
}

8
prettier.config.js
View file

@ -1,8 +0,0 @@
import { configClassique, configXml } from "@gcch/configuration-prettier";
const config = {
...configClassique,
overrides: [configXml],
};
export default config;

8
rector.php
View file

@ -1,4 +1,6 @@
<?php declare(strict_types=1);
<?php
declare(strict_types=1);
use Rector\Config\RectorConfig;
@ -15,10 +17,10 @@ return RectorConfig::configure()
importDocBlockNames: true,
importNames: true,
importShortClasses: true,
removeUnusedImports: true,
removeUnusedImports: true
)
->withPreparedSets(
carbon: true,
instanceOf: true,
privatization: true,
privatization: true
);

1
scripts/SUBSET.fish
View file

@ -8,7 +8,6 @@ pyftsubset \
--unicodes="U+0000-00FF,U+0131,U+0152-0153,U+02BB-02BC,U+02C6,U+02DA,U+02DC,U+2000-206F,U+2074,U+20AC,U+2122,U+2191,U+2193,U+2212,U+2215,U+FEFF,U+FFFD" \
--with-zopfli
pyftsubset \
lato-variable-italic.ttf \
--desubroutinize \

0
scripts/déclenche-sauvegarde-bdd-production.fish Normal file → Executable file
View file

0
scripts/format-sort-files.fish Normal file → Executable file
View file

12
scripts/pull-container-images.ts
View file

@ -6,12 +6,10 @@ import { type ReadonlyRecord } from "effect/Record";
const COMPOSE_PATH = "compose.yaml";
const getServicesKey = (
yaml: ReadonlyRecord<string | symbol, any>,
): Option.Option<ReadonlyArray<string>> =>
const getServicesKey = (yaml: ReadonlyRecord<string | symbol, any>): Option.Option<ReadonlyArray<string>> =>
pipe(
Record.get("services")(yaml),
Option.andThen(yaml => Record.keys(yaml)),
Option.andThen((yaml) => Record.keys(yaml)),
);
const getComposeYaml = <A, I, R>(
@ -25,17 +23,17 @@ const getComposeYaml = <A, I, R>(
Effect.andThen((yaml: unknown) => Schema.decodeUnknown(schema)(yaml)),
);
const programEffect: Effect.Effect<ReadonlyArray<string>> = Effect.gen(function*() {
const programEffect: Effect.Effect<ReadonlyArray<string>> = Effect.gen(function* () {
return yield* pipe(
// Récupère le contenu du fichier compose.yaml sous forme de Record.
getComposeYaml(COMPOSE_PATH, Schema.Record({ key: Schema.String, value: Schema.Unknown })),
// Récupère la clé des services.
Effect.andThen((yaml: ReadonlyRecord<string | symbol, unknown>) => getServicesKey(yaml)),
// Retire la clé de l'image WordPress.
Effect.andThen((keys: ReadonlyArray<string>) => Array.filter(keys, key => key !== "wordpress")),
Effect.andThen((keys: ReadonlyArray<string>) => Array.filter(keys, (key) => key !== "wordpress")),
Effect.orElseSucceed(() => [""]),
// Exécute la commande podman.
Effect.tap(services => Bun.spawn({ cmd: ["podman", "compose", "pull", ...services], timeout: 10000 })),
Effect.tap((services) => Bun.spawn({ cmd: ["podman", "compose", "pull", ...services], timeout: 10000 })),
);
});

4
scripts/remove-scaled-images.php
View file

@ -1,4 +1,6 @@
<?php declare(strict_types=1);
<?php
declare(strict_types=1);
require_once 'web/wp/wp-load.php';

0
scripts/sauvegarde-bdd-production.fish Normal file → Executable file
View file

6
tests/playwright/product.spec.ts
View file

@ -42,7 +42,7 @@ export const test = base.extend<ProductsFixture>({
const hasStock = (product: WCV3Product) => (product.stock_quantity ?? 0) > 0;
const hasNoStock = (product: WCV3Product) => pipe(hasStock(product), not);
const allProducts = await response.json() as WCV3Products;
const allProducts = (await response.json()) as WCV3Products;
const simpleProducts = allProducts.filter(isSimpleProduct);
const simpleProductsWithStock = simpleProducts.filter(hasStock);
const simpleProductsWithoutStock = simpleProducts.filter(hasNoStock);
@ -77,9 +77,7 @@ test("can add a Product without variation with stock to the Cart", async ({ prod
await expect(addToCartButton, "The add to cart button must be enabled").toBeEnabled();
// Vérifie qu'au clic sur le bouton, l'ajout au Panier retourne un succès.
const addToCartResponse: Promise<Response> = page.waitForResponse(
new RegExp(".*/wp-json/wc/store/cart/add-item"),
);
const addToCartResponse: Promise<Response> = page.waitForResponse(new RegExp(".*/wp-json/wc/store/cart/add-item"));
await addToCartButton.click();
const addToCartStatus = (await addToCartResponse).ok();
expect(addToCartStatus, "The cart addition must succeed").toBeTruthy();

12
tests/playwright/shop.spec.ts
View file

@ -24,8 +24,8 @@ const getAllProductsLinks = async (page: Page, request: APIRequestContext): Prom
const response = await request.get("/wp-json/wc/v3/products?page=1&per_page=100&status=publish", {
headers: { Nonce: backendHeaders.nonce, Authorization: `Basic ${backendHeaders.authString}` },
});
const json = await response.json() as WCV3Products;
const links = json.map(p => p.permalink);
const json = (await response.json()) as WCV3Products;
const links = json.map((p) => p.permalink);
return links;
};
@ -38,7 +38,7 @@ const scrollToGridsEnd = async (page: Page): Promise<void> => {
const productsGrid: Locator = page.locator(".grille-produits");
await expect(productsGrid, "The Product's grid is visible").toBeVisible();
expect(await (productsGrid.getAttribute("data-page")), "The initial page number attribute is correct").toBe(
expect(await productsGrid.getAttribute("data-page"), "The initial page number attribute is correct").toBe(
currentPageNumber,
);
@ -46,9 +46,7 @@ const scrollToGridsEnd = async (page: Page): Promise<void> => {
await expect(showMoreButton, "The 'Show more' button is visible").toBeVisible();
while (hasMoreProducts) {
const newProductsResponse: Promise<Response> = page.waitForResponse(
new RegExp(".*wp-json\/wc\/v3\/products.*"),
);
const newProductsResponse: Promise<Response> = page.waitForResponse(new RegExp(".*wp-json\/wc\/v3\/products.*"));
await showMoreButton.click();
await newProductsResponse;
@ -58,7 +56,7 @@ const scrollToGridsEnd = async (page: Page): Promise<void> => {
await gridWithNewPageNumber.waitFor();
// Redondance pour expliciter la raison de l'assertion.
expect(await (productsGrid.getAttribute("data-page")), "The page number attribute is incremented").toBe(
expect(await productsGrid.getAttribute("data-page"), "The page number attribute is incremented").toBe(
newPageNumber,
);
currentPageNumber = newPageNumber;

2
tests/playwright/utils.ts
View file

@ -12,7 +12,7 @@ export type BackendHeaders = {
export const getBackendHeadersFromHtml = async (page: Page): Promise<BackendHeaders> => {
const backendHeaders: BackendHeaders | undefined = pipe(
Option.fromNullable(await page.locator("#injection-v2").textContent()),
Option.andThen(j => JSON.parse(j) as BackendHeaders),
Option.andThen((j) => JSON.parse(j) as BackendHeaders),
Option.getOrUndefined,
);

8
tsconfig.json
View file

@ -8,12 +8,12 @@
"allowUnusedLabels": false,
"alwaysStrict": true,
"checkJs": true,
"downlevelIteration": false,
"esModuleInterop": true,
"exactOptionalPropertyTypes": true,
"forceConsistentCasingInFileNames": true,
"isolatedModules": true,
"lib": ["DOM", "DOM.Iterable", "ESNext"],
"lib": ["DOM", "DOM.Iterable", "DOM.AsyncIterable", "ESNext"],
"libReplacement": true,
"module": "ESNext",
"moduleDetection": "force",
"moduleResolution": "Bundler",
@ -36,13 +36,11 @@
"strictFunctionTypes": true,
"strictNullChecks": true,
"strictPropertyInitialization": true,
"suppressExcessPropertyErrors": false,
"suppressImplicitAnyIndexErrors": false,
"target": "ESNext",
"types": ["node", "vite/client"],
"useDefineForClassFields": true,
"useUnknownInCatchVariables": true
},
"exclude": ["vendor", "web/app/plugins", "web/wp"],
"include": ["*.js", "lib", "web/app/themes/haiku-atelier-2024/src", "vite.config.ts", "tests"]
"include": ["**/*.js", "**/*.ts"]
}

1
web/app/mu-plugins/bedrock-autoloader.php
View file

@ -1,4 +1,5 @@
<?php
/**
* Plugin Name: Bedrock Autoloader
* Plugin URI: https://github.com/roots/bedrock-autoloader

2
web/app/mu-plugins/no-deprecations.php
View file

@ -1,3 +1,3 @@
<?php
error_reporting(E_ALL & ~E_WARNING & ~E_DEPRECATED & ~E_USER_DEPRECATED & ~E_NOTICE);
?>

28
web/app/themes/haiku-atelier-2024/404.php
View file

@ -1,32 +1,32 @@
<?php
declare(strict_types=1);
/**
* Le modèle de la Page 404.
*/
declare(strict_types=1);
use HaikuAtelier\WP\Resource;
use Timber\Timber;
// Contexte et modèles
$contexte = Timber::context();
$modeles = ['404.twig'];
$context = Timber::context();
$templates = ['404.twig'];
// Charge les scripts et styles de la page
/**
* Charge les scripts et styles de la page.
*
* @throws Exception une exception est levée s'il est impossible d'obtenir la date de modification du fichier à charger
*/
function charge_scripts_styles_page_404(): void {
wp_enqueue_style(
Resource::enqueue_style_file(
handle: 'haiku-atelier-2024-styles-page-a-propos',
src: get_template_directory_uri() . '/assets/css/pages/page-modele-simple.css',
deps: [],
ver: filemtime(get_template_directory() . '/assets/css/pages/page-modele-simple.css'),
media: 'all',
path: '/assets/css/pages/page-modele-simple.css'
);
}
add_action('wp_enqueue_scripts', 'charge_scripts_styles_page_404');
// Rendu
Timber::render(
filenames: $modeles,
data: $contexte,
data: $context,
filenames: $templates
);

60
web/app/themes/haiku-atelier-2024/archive-product.php
View file

@ -1,63 +1,55 @@
<?php
declare(strict_types=1);
/**
* Le modèle de la Page Boutique (« E-Shop »).
*/
declare(strict_types=1);
use HaikuAtelier\Data\Product;
use HaikuAtelier\WP\Resource;
use Timber\Timber;
require_once __DIR__ . '/src/inc/TraitementInformations.php';
// Contexte et modèles
$contexte = Timber::context();
$modeles = ['boutique.twig'];
$context = Timber::context();
$templates = ['boutique.twig'];
/** @var list<WC_Product> $informations_produits Les informations brutes des Produits. */
$informations_produits = wc_get_products([
'limit' => 12,
'order' => 'DESC',
'orderby' => 'date',
'status' => 'publish',
]);
/** @var list<WC_Product> $wc_products Les informations brutes des Produits. */
$wc_products = wc_get_products(['limit' => 12, 'order' => 'DESC', 'orderby' => 'date', 'status' => 'publish']);
/** @var mixed $produits Les informations strictement nécessaires pour la grille des Produits. */
$produits = array_map(
callback: recupere_informations_produit_shop(...),
array: $informations_produits,
$products = array_map(
callback: Product::new(...),
array: $wc_products
);
$contexte['produits'] = $produits;
$context['products'] = $products;
/**
* Charge les Scripts nécessaires pour la page Boutique.
* Charge les scripts et styles de la page.
*
* @throws Exception une exception est levée s'il est impossible d'obtenir la date de modification du fichier à charger
*/
function charge_scripts_page_boutique(): void {
wp_enqueue_style(
Resource::enqueue_style_file(
handle: 'haiku-atelier-2024-styles-page-boutique',
src: get_template_directory_uri() . '/assets/css/pages/page-boutique.css',
deps: [],
ver: filemtime(get_template_directory() . '/assets/css/pages/page-boutique.css'),
media: 'all',
path: '/assets/css/pages/page-boutique.css'
);
wp_enqueue_script_module(
Resource::enqueue_script_module_file(
id: 'haiku-atelier-2024-scripts-page-boutique',
src: get_template_directory_uri() . '/assets/js/scripts-page-boutique.js',
deps: [],
version: filemtime(get_template_directory() . '/assets/js/scripts-page-boutique.js'),
path: '/assets/js/scripts-page-boutique.js'
);
wp_enqueue_script_module(
Resource::enqueue_script_module_file(
id: 'haiku-atelier-2024-scripts-menu-categories',
src: get_template_directory_uri() . '/assets/js/scripts-menu-categories.js',
deps: [],
version: filemtime(get_template_directory() . '/assets/js/scripts-menu-categories.js'),
path: '/assets/js/scripts-menu-categories.js'
);
}
add_action('wp_enqueue_scripts', 'charge_scripts_page_boutique');
// Rendu
// $lal = wp_json_encode($context);
// echo "<script>console.debug({$lal});</script>";
Timber::render(
filenames: $modeles,
data: $contexte,
data: $context,
filenames: $templates
);

193
web/app/themes/haiku-atelier-2024/assets/css/main.css
View file

@ -4,16 +4,66 @@
font-weight: 100 900;
font-style: normal;
font-display: swap;
src: url("/app/themes/haiku-atelier-2024/assets/fonts/lato/lato-variable-webfont.woff2") format(woff2) tech(variations), url("/app/themes/haiku-atelier-2024/assets/fonts/lato/lato-variable-webfont.woff2") format("woff2-variations"), url("/app/themes/haiku-atelier-2024/assets/fonts/lato/lato-variable-webfont.woff2") format("woff2"), url("/app/themes/haiku-atelier-2024/assets/fonts/lato/lato-variable-webfont.ttf") format("truetype");
unicode-range: U+0000-00FF, U+0131, U+0152-0153, U+02BB-02BC, U+02C6, U+02DA, U+02DC, U+2000-206F, U+2074, U+20AC, U+2122, U+2191, U+2193, U+2212, U+2215, U+FEFF, U+FFFD;
src:
url("/app/themes/haiku-atelier-2024/assets/fonts/lato/lato-variable-webfont.woff2")
format(woff2) tech(variations),
url("/app/themes/haiku-atelier-2024/assets/fonts/lato/lato-variable-webfont.woff2")
format("woff2-variations"),
url("/app/themes/haiku-atelier-2024/assets/fonts/lato/lato-variable-webfont.woff2")
format("woff2"),
url("/app/themes/haiku-atelier-2024/assets/fonts/lato/lato-variable-webfont.ttf")
format("truetype");
unicode-range:
U+0000-00FF,
U+0131,
U+0152-0153,
U+02BB-02BC,
U+02C6,
U+02DA,
U+02DC,
U+2000-206F,
U+2074,
U+20AC,
U+2122,
U+2191,
U+2193,
U+2212,
U+2215,
U+FEFF,
U+FFFD;
}
@font-face {
font-family: Lato;
font-weight: 100 900;
font-style: italic;
font-display: swap;
src: url("/app/themes/haiku-atelier-2024/assets/fonts/lato/lato-variable-italic-webfont.woff2") format(woff2) tech(variations), url("/app/themes/haiku-atelier-2024/assets/fonts/lato/lato-variable-italic-webfont.woff2") format("woff2-variations"), url("/app/themes/haiku-atelier-2024/assets/fonts/lato/lato-variable-italic-webfont.woff2") format("woff2"), url("/app/themes/haiku-atelier-2024/assets/fonts/lato/lato-variable-italic-webfont.ttf") format("truetype");
unicode-range: U+0000-00FF, U+0131, U+0152-0153, U+02BB-02BC, U+02C6, U+02DA, U+02DC, U+2000-206F, U+2074, U+20AC, U+2122, U+2191, U+2193, U+2212, U+2215, U+FEFF, U+FFFD;
src:
url("/app/themes/haiku-atelier-2024/assets/fonts/lato/lato-variable-italic-webfont.woff2")
format(woff2) tech(variations),
url("/app/themes/haiku-atelier-2024/assets/fonts/lato/lato-variable-italic-webfont.woff2")
format("woff2-variations"),
url("/app/themes/haiku-atelier-2024/assets/fonts/lato/lato-variable-italic-webfont.woff2")
format("woff2"),
url("/app/themes/haiku-atelier-2024/assets/fonts/lato/lato-variable-italic-webfont.ttf")
format("truetype");
unicode-range:
U+0000-00FF,
U+0131,
U+0152-0153,
U+02BB-02BC,
U+02C6,
U+02DA,
U+02DC,
U+2000-206F,
U+2074,
U+20AC,
U+2122,
U+2191,
U+2193,
U+2212,
U+2215,
U+FEFF,
U+FFFD;
}
@font-face {
font-family: Myriad;
@ -21,7 +71,10 @@
font-style: normal;
font-display: swap;
font-stretch: 70% 110%;
src: url("/app/themes/haiku-atelier-2024/assets/fonts/myriad/myriad-variable.woff2") format("woff2"), url("/app/themes/haiku-atelier-2024/assets/fonts/myriad/myriad-variable.ttf") format("truetype");
src:
url("/app/themes/haiku-atelier-2024/assets/fonts/myriad/myriad-variable.woff2") format("woff2"),
url("/app/themes/haiku-atelier-2024/assets/fonts/myriad/myriad-variable.ttf")
format("truetype");
}
@font-face {
font-family: Myriad;
@ -29,11 +82,15 @@
font-style: italic;
font-display: swap;
font-stretch: 70% 110%;
src: url("/app/themes/haiku-atelier-2024/assets/fonts/myriad/myriad-variable-italic.woff2") format("woff2"), url("/app/themes/haiku-atelier-2024/assets/fonts/myriad/myriad-variable-italic.ttf") format("truetype");
src:
url("/app/themes/haiku-atelier-2024/assets/fonts/myriad/myriad-variable-italic.woff2")
format("woff2"),
url("/app/themes/haiku-atelier-2024/assets/fonts/myriad/myriad-variable-italic.ttf")
format("truetype");
}
:root {
/* Couleurs */
--couleur-blanc: #fff;
--couleur-blanc: #ffffff;
--couleur-blanc-fond: rgb(255 255 255 / 90%);
--couleur-gris: #eceaeb;
--couleur-gris-fonce: #808080;
@ -176,14 +233,15 @@ button, input, select, textarea {
html {
font: 1rem/var(--hauteur-ligne-classique) Lato;
font-optical-sizing: auto;
font-variant-ligatures: common-ligatures no-discretionary-ligatures no-historical-ligatures
contextual;
font-kerning: normal;
font-variant-ligatures: common-ligatures no-discretionary-ligatures no-historical-ligatures contextual;
-webkit-font-smoothing: antialiased; /* 2 */
color: var(--couleur-noir);
text-decoration-skip-ink: auto;
text-size-adjust: none; /* 2 */
text-rendering: geometricprecision; /* 3 */
letter-spacing: var(--espacement-inter-lettres-etendu-s);
-webkit-font-smoothing: antialiased; /* 2 */
}
strong {
@ -224,7 +282,8 @@ button:not[disabled]:active {
}
}
button:disabled, button[disabled] {
background: repeating-conic-gradient(var(--couleur-noir) 0% 25%, transparent 0% 100%) 1px 0.5px/2px 2px;
background: repeating-conic-gradient(var(--couleur-noir) 0% 25%, transparent 0% 100%) 1px
0.5px/2px 2px;
outline-color: transparent;
}
button.bouton-case-pleine {
@ -294,27 +353,41 @@ input, select, textarea {
background: var(--couleur-gris);
transition: 0.2s background;
}
input:focus-visible, input:focus-within, input:active, select:focus-visible, select:focus-within, select:active, textarea:focus-visible, textarea:focus-within, textarea:active {
input:focus-visible,
input:focus-within,
input:active,
select:focus-visible,
select:focus-within,
select:active,
textarea:focus-visible,
textarea:focus-within,
textarea:active {
z-index: 10;
outline: 2px dashed var(--couleur-noir);
}
input:disabled, input[disabled], select:disabled, select[disabled], textarea:disabled, textarea[disabled] {
background: repeating-conic-gradient(var(--couleur-noir) 0% 25%, transparent 0% 100%) 1px 0.5px/2px 2px;
input:disabled,
input[disabled],
select:disabled,
select[disabled],
textarea:disabled,
textarea[disabled] {
background: repeating-conic-gradient(var(--couleur-noir) 0% 25%, transparent 0% 100%) 1px
0.5px/2px 2px;
outline-color: transparent;
}
input:is([type=email], [type=text], [type=tel])::placeholder, textarea::placeholder {
input:is([type="email"], [type="text"], [type="tel"])::placeholder, textarea::placeholder {
text-transform: lowercase;
letter-spacing: var(--espacement-inter-lettres-etendu-s);
}
input:is([type=email], [type=text], [type=tel])::selection, textarea::selection {
input:is([type="email"], [type="text"], [type="tel"])::selection, textarea::selection {
color: var(--couleur-blanc);
background: var(--couleur-noir);
}
input:is([type=email], [type=text], [type=tel]):user-valid, textarea:user-valid {
input:is([type="email"], [type="text"], [type="tel"]):user-valid, textarea:user-valid {
background: var(--couleur-jaune);
}
input:is([type=email], [type=text], [type=tel]):user-invalid, textarea:user-invalid {
input:is([type="email"], [type="text"], [type="tel"]):user-invalid, textarea:user-invalid {
background: var(--couleur-gris);
}
@ -322,7 +395,7 @@ input, label, select, textarea {
cursor: pointer;
}
input[type=checkbox], input[type=radio] {
input[type="checkbox"], input[type="radio"] {
width: var(--espace-l);
height: var(--espace-l);
padding: initial;
@ -330,48 +403,50 @@ input[type=checkbox], input[type=radio] {
appearance: none;
transition: 0.2s background;
}
input[type=checkbox]:checked, input[type=radio]:checked {
input[type="checkbox"]:checked, input[type="radio"]:checked {
background: var(--couleur-jaune);
}
input[type=checkbox]:checked::before, input[type=radio]:checked::before {
input[type="checkbox"]:checked::before, input[type="radio"]:checked::before {
content: "x";
position: relative;
bottom: 0.1rem;
left: 0.35rem;
}
@media (hover: hover) {
input[type=checkbox]:checked:hover, input[type=radio]:checked:hover {
input[type="checkbox"]:checked:hover, input[type="radio"]:checked:hover {
color: var(--couleur-noir);
}
}
input[type=checkbox]:not(:checked):user-valid, input[type=radio]:not(:checked):user-valid {
input[type="checkbox"]:not(:checked):user-valid, input[type="radio"]:not(:checked):user-valid {
background: initial;
}
input[type=checkbox], input[type=radio] {
input[type="checkbox"], input[type="radio"] {
/*
* 1. Pour un alignement parfait du label avec la case à cocher.
*/
}
label:has(~ input[type=checkbox], ~ input[type=radio]), input[type=checkbox] + label, input[type=radio] + label {
label:has(~ input[type="checkbox"], ~ input[type="radio"]),
input[type="checkbox"] + label,
input[type="radio"] + label {
padding-top: 1px; /* 1 */
font-size: 0.9rem;
}
@media (hover: hover) {
input[type=checkbox]:hover, input[type=radio]:hover {
input[type="checkbox"]:hover, input[type="radio"]:hover {
background: var(--couleur-jaune);
}
}
input[type=radio] {
input[type="radio"] {
border-radius: 100%;
appearance: initial;
}
input[type=radio]:checked {
input[type="radio"]:checked {
display: inline-flex;
place-content: center;
place-items: center;
}
input[type=radio]:checked::before {
input[type="radio"]:checked::before {
content: " ";
inset: initial;
display: inline-block;
@ -413,7 +488,14 @@ a {
text-decoration: underline; /* 1 */
text-decoration-color: transparent; /* 1 */
text-decoration-skip-ink: auto; /* 1 */
transition: 0.2s background, 0.2s border-color, 0.2s color, 0.2s font-weight, 0.2s outline-color, 0.2s letter-spacing, 0.2s text-decoration-color; /* 3 */
transition:
0.2s background,
0.2s border-color,
0.2s color,
0.2s font-weight,
0.2s outline-color,
0.2s letter-spacing,
0.2s text-decoration-color; /* 3 */
text-decoration-skip: edges; /* 1 */
/* Change les couleurs de l'arrière-plan et du contour pour marquer le focus. */
}
@ -499,7 +581,9 @@ ul.avec-puce-cercle {
}
ul.avec-puce-cercle a {
padding-left: var(--liste-puce-cercle-lien-marges-internes-ligne-debut); /* 1 */
background: no-repeat var(--liste-puce-cercle-puce-position-horizontale) center/var(--liste-puce-cercle-puce-taille) url("/app/themes/haiku-atelier-2024/assets/img/icons/dot.svg"); /* 2 */
background: no-repeat var(--liste-puce-cercle-puce-position-horizontale) center/var(
--liste-puce-cercle-puce-taille
) url("/app/themes/haiku-atelier-2024/assets/img/icons/dot.svg"); /* 2 */
}
/* * Styles pour un bandeau défilant. */
@ -546,7 +630,7 @@ ul.avec-puce-cercle a {
transform: translateX(-100%);
}
}
body:has(#menu-mobile:not([aria-hidden=true])) {
body:has(#menu-mobile:not([aria-hidden="true"])) {
touch-action: none;
overflow: hidden;
}
@ -566,11 +650,11 @@ body:has(#menu-mobile:not([aria-hidden=true])) {
transition: display 400ms allow-discrete;
-webkit-overflow-scrolling: none;
}
#menu-mobile[aria-hidden=true] {
#menu-mobile[aria-hidden="true"] {
display: none;
animation: fade-out 400ms both;
}
#menu-mobile[aria-hidden=true] .menu-modale__fond {
#menu-mobile[aria-hidden="true"] .menu-modale__fond {
animation: fade-out 400ms both;
}
#menu-mobile .menu-modale__fond {
@ -702,11 +786,13 @@ body:has(#menu-mobile:not([aria-hidden=true])) {
/* Dispositions */
--liste-puce-cercle-puce-position-horizontale: 3.5ch; /* 3 */
}
#en-tete .menu-navigation__entree:has(a[aria-current=page]) {
background: url("/app/themes/haiku-atelier-2024/assets/img/icons/cloud-penche.svg") center/auto 90% no-repeat;
#en-tete .menu-navigation__entree:has(a[aria-current="page"]) {
background: url("/app/themes/haiku-atelier-2024/assets/img/icons/cloud-penche.svg") center/auto
90% no-repeat;
}
#en-tete .menu-navigation__entree--courante {
background: url("/app/themes/haiku-atelier-2024/assets/img/icons/cloud-penche.svg") center/auto 90% no-repeat;
background: url("/app/themes/haiku-atelier-2024/assets/img/icons/cloud-penche.svg") center/auto
90% no-repeat;
}
#en-tete .menu-navigation__entree a {
display: inline-block; /* 1 */
@ -715,7 +801,8 @@ body:has(#menu-mobile:not([aria-hidden=true])) {
}
@media (hover: hover) {
#en-tete .menu-navigation__entree:hover {
background: url("/app/themes/haiku-atelier-2024/assets/img/icons/cloud-penche.svg") center/auto 90% no-repeat;
background: url("/app/themes/haiku-atelier-2024/assets/img/icons/cloud-penche.svg") center/auto
90% no-repeat;
}
}
@media (width <= 1000px) {
@ -731,21 +818,24 @@ body:has(#menu-mobile:not([aria-hidden=true])) {
text-align: center;
}
#en-tete .compte-panier[disabled] {
background: repeating-conic-gradient(var(--couleur-noir) 0% 25%, transparent 0% 100%) 1px 0.5px/2px 2px;
background: repeating-conic-gradient(var(--couleur-noir) 0% 25%, transparent 0% 100%) 1px
0.5px/2px 2px;
}
#en-tete .compte-panier[disabled] a:hover, #en-tete .compte-panier[disabled] a:active, #en-tete .compte-panier[disabled] a:focus-within {
#en-tete .compte-panier[disabled] a:hover,
#en-tete .compte-panier[disabled] a:active,
#en-tete .compte-panier[disabled] a:focus-within {
border: 1px solid var(--couleur-noir);
background: initial;
}
#en-tete .compte-panier a {
text-transform: lowercase;
padding-block: var(--espace-2xs);
padding-inline: var(--espace-s);
text-transform: lowercase;
}
#en-tete .compte-panier a.lien-compte {
border-color: transparent;
}
#en-tete .compte-panier a[data-contient-articles=true] {
#en-tete .compte-panier a[data-contient-articles="true"] {
background: var(--couleur-jaune);
}
#en-tete .conteneur {
@ -827,7 +917,8 @@ body:has(#menu-mobile:not([aria-hidden=true])) {
}
#menu-categories-produits ul {
display: grid;
grid-template-columns: repeat(auto-fit, minmax(var(--menu-entree-longueur-minimale), 1fr)); /* 1 */
grid-template-columns:
repeat(auto-fit, minmax(var(--menu-entree-longueur-minimale), 1fr)); /* 1 */
gap: 1px;
place-items: center;
/*
@ -938,7 +1029,9 @@ body:has(#menu-mobile:not([aria-hidden=true])) {
top: var(--colonne-gauche-position-haut);
height: var(--colonne-gauche-photo-hauteur);
}
.photos-produit .colonne.colonne-gauche figure, .photos-produit .colonne.colonne-gauche picture, .photos-produit .colonne.colonne-gauche img {
.photos-produit .colonne.colonne-gauche figure,
.photos-produit .colonne.colonne-gauche picture,
.photos-produit .colonne.colonne-gauche img {
height: 100%;
}
.photos-produit .colonne.colonne-droite img {
@ -1013,7 +1106,8 @@ body:has(#menu-mobile:not([aria-hidden=true])) {
--carte-produit-longueur-maximale: 1000px;
display: grid;
grid-auto-rows: 1fr;
grid-template-columns: repeat(auto-fit, minmax(var(--carte-produit-longueur-minimale), 1fr)); /* 1 */
grid-template-columns:
repeat(auto-fit, minmax(var(--carte-produit-longueur-minimale), 1fr)); /* 1 */
gap: 1px; /* 2 */
min-height: var(--grille-produits-hauteur-minimale);
}
@ -1278,7 +1372,9 @@ body:has(#menu-mobile:not([aria-hidden=true])) {
.details-produit__textes .section-textuelle:not(:last-of-type) {
border-block-end: 1px solid var(--couleur-noir);
}
.details-produit__textes .section-textuelle:has(button[aria-expanded=false]) .section-textuelle__contenu {
.details-produit__textes
.section-textuelle:has(button[aria-expanded="false"])
.section-textuelle__contenu {
display: none;
}
.details-produit__textes .section-textuelle h3 {
@ -1378,7 +1474,10 @@ body:has(#menu-mobile:not([aria-hidden=true])) {
position: relative;
}
@media (hover: hover) {
.produits-similaires .grille-produits-similaires article figure a:hover .produit__illustration__survol {
.produits-similaires
.grille-produits-similaires
article figure a:hover
.produit__illustration__survol {
visibility: visible;
opacity: 1;
transition: 0.3s opacity, 0.3s visibility;
@ -1452,4 +1551,4 @@ body:has(#menu-mobile:not([aria-hidden=true])) {
text-align: right;
}
/*# sourceMappingURL=main.css.map */
/* # sourceMappingURL=main.css.map */

2
web/app/themes/haiku-atelier-2024/assets/css/main.css.map
View file

File diff suppressed because one or more lines are too long

2
web/app/themes/haiku-atelier-2024/assets/css/main.min.css vendored
View file

File diff suppressed because one or more lines are too long

2
web/app/themes/haiku-atelier-2024/assets/css/pages/page-a-propos.css
View file

@ -156,4 +156,4 @@
}
}
/*# sourceMappingURL=page-a-propos.css.map */
/* # sourceMappingURL=page-a-propos.css.map */

10
web/app/themes/haiku-atelier-2024/assets/css/pages/page-accueil.css
View file

@ -41,8 +41,14 @@
margin: auto;
visibility: visible;
opacity: 1;
mask-image: linear-gradient(
var(--mask-direction, to right),
hsla(0, 0%, 0%, 0),
hsl(0, 0%, 0%) 20%,
hsl(0, 0%, 0%) 80%,
hsla(0, 0%, 0%, 0)
);
transition: 1s opacity ease-in-out, 1s visibility ease-in-out;
mask-image: linear-gradient(var(--mask-direction, to right), hsla(0, 0%, 0%, 0), hsl(0, 0%, 0%) 20%, hsl(0, 0%, 0%) 80%, hsla(0, 0%, 0%, 0));
}
#page-accueil .storytelling__animation[hidden] {
display: grid !important;
@ -112,4 +118,4 @@
}
}
/*# sourceMappingURL=page-accueil.css.map */
/* # sourceMappingURL=page-accueil.css.map */

2
web/app/themes/haiku-atelier-2024/assets/css/pages/page-accueil.css.map
View file

@ -1 +1 @@
{"version":3,"sourceRoot":"","sources":["../../../src/sass/pages/page-accueil.scss"],"names":[],"mappings":";AAEA;EAEE;EAGA;EACA;EAEA;EACA;EACA;EACA;EACA;EACA;;AAEA;EACE;EACA;EACA;EACA;;AAEA;EACE;EACA;EACA;EACA;EACA;EACA;;AAIF;EACE;EACA;EAEA;EACA;EACA;EACA;EACA;EACA;EACA;EACA;EACA;EACA;EACA;EACA;EACA;EACA;EACA;EACA;;AAQA;EACE;EACA;EACA;EACA;;AAIF;EACE;EACA;EACA;;AAGF;EACE;EAIA;EACA;;AAGF;EACE;EAGA;EACA;EAGA;EACA;EACA;;AAIJ;EACE;EACA;EACA;EACA;EACA;EACA;EACA;;AAEA;EACE;;AAGF;EACE;;AAGF;EACE;EACA;EACA;EACA;EACA;;AAMN;EACE;IACE;;;AAIJ;EAjIF;IAkII;;;AAGF;EArIF;IAsII;;;;AAKJ;EACE;IACE","file":"page-accueil.css"}
{"version":3,"sourceRoot":"","sources":["../../../src/sass/pages/page-accueil.scss"],"names":[],"mappings":";AAEA;EAEE;EAGA;EACA;EAEA;EACA;EACA;EACA;EACA;EACA;;AAEA;EACE;EACA;EACA;EACA;;AAEA;EACE;EACA;EACA;EACA;EACA;EACA;;AAIF;EACE;EACA;EAEA;EACA;EACA;EACA;EACA;EACA;EACA;EACA;EACA;EACA;EACA;EACA;EACA;EACA;EACA;EAOA;;AAEA;EACE;EACA;EACA;EACA;;AAIF;EACE;EACA;EACA;;AAGF;EACE;EAIA;EACA;;AAGF;EACE;EAGA;EACA;EAGA;EACA;EACA;;AAIJ;EACE;EACA;EACA;EACA;EACA;EACA;EACA;;AAEA;EACE;;AAGF;EACE;;AAGF;EACE;EACA;EACA;EACA;EACA;;AAMN;EACE;IACE;;;AAIJ;EAjIF;IAkII;;;AAGF;EArIF;IAsII;;;;AAKJ;EACE;IACE","file":"page-accueil.css"}

2
web/app/themes/haiku-atelier-2024/assets/css/pages/page-boutique.css
View file

@ -9,4 +9,4 @@
padding: var(--espace-xl) 0;
}
/*# sourceMappingURL=page-boutique.css.map */
/* # sourceMappingURL=page-boutique.css.map */

55
web/app/themes/haiku-atelier-2024/assets/css/pages/page-contact.min.css vendored
View file

@ -1 +1,54 @@
#page-contact{--page-hauteur-minimale:calc(100svh - var(--en-tete-hauteur) - var(--pied-de-page-hauteur) - var(--espace-xl) - 1px);--page-marges-bloc-debut:var(--en-tete-hauteur);margin-top:var(--page-marges-bloc-debut);margin-bottom:var(--espace-xl);border-bottom:1px solid var(--couleur-noir);flex-flow:column;display:flex}#page-contact .contenu{width:min(50rem,100%);min-height:var(--page-hauteur-minimale);border:1px solid var(--couleur-noir);border-bottom:initial;flex-flow:column;place-items:center;margin:auto;font-style:italic;font-weight:500;display:flex}#page-contact .contenu__en-tete{width:100%;padding:var(--espace-m)var(--espace-xl);color:var(--couleur-blanc);background:var(--couleur-noir)}#page-contact .contenu__en-tete h2{text-transform:uppercase;width:fit-content;letter-spacing:var(--espacement-inter-lettres-etendu-l);margin:auto}#page-contact .contenu__textuel{max-width:34rem;height:100%;padding:0 var(--espace-xl);text-wrap:pretty;flex-flow:column;flex:1;place-content:center;display:flex}#page-contact .contenu__textuel p+p{margin-top:var(--espace-m)}@media (width<=50rem){#page-contact .contenu{border-right:initial;border-left:initial}}
#page-contact {
--page-hauteur-minimale: calc(
100svh - var(--en-tete-hauteur) - var(--pied-de-page-hauteur) - var(--espace-xl) - 1px
);
--page-marges-bloc-debut: var(--en-tete-hauteur);
margin-top: var(--page-marges-bloc-debut);
margin-bottom: var(--espace-xl);
border-bottom: 1px solid var(--couleur-noir);
flex-flow: column;
display: flex;
}
#page-contact .contenu {
width: min(50rem, 100%);
min-height: var(--page-hauteur-minimale);
border: 1px solid var(--couleur-noir);
border-bottom: initial;
flex-flow: column;
place-items: center;
margin: auto;
font-style: italic;
font-weight: 500;
display: flex;
}
#page-contact .contenu__en-tete {
width: 100%;
padding: var(--espace-m) var(--espace-xl);
color: var(--couleur-blanc);
background: var(--couleur-noir);
}
#page-contact .contenu__en-tete h2 {
text-transform: uppercase;
width: fit-content;
letter-spacing: var(--espacement-inter-lettres-etendu-l);
margin: auto;
}
#page-contact .contenu__textuel {
max-width: 34rem;
height: 100%;
padding: 0 var(--espace-xl);
text-wrap: pretty;
flex-flow: column;
flex: 1;
place-content: center;
display: flex;
}
#page-contact .contenu__textuel p + p {
margin-top: var(--espace-m);
}
@media (width <= 50rem) {
#page-contact .contenu {
border-right: initial;
border-left: initial;
}
}

2
web/app/themes/haiku-atelier-2024/assets/css/pages/page-modele-simple.css
View file

@ -94,4 +94,4 @@
}
}
/*# sourceMappingURL=page-modele-simple.css.map */
/* # sourceMappingURL=page-modele-simple.css.map */

48
web/app/themes/haiku-atelier-2024/assets/css/pages/page-panier.css
View file

@ -74,7 +74,7 @@
* 2. Cache les flèches d'augmentation/diminution sur Chrome/Edge/Safari.
*/
}
#panneau-panier .panneau__grille-produits .detail-produit__actions input[type=number] {
#panneau-panier .panneau__grille-produits .detail-produit__actions input[type="number"] {
grid-column: 2;
width: 100%;
border: initial;
@ -82,7 +82,14 @@
text-align: center;
appearance: textfield; /* 1 */
}
#panneau-panier .panneau__grille-produits .detail-produit__actions input[type=number]::-webkit-outer-spin-button, #panneau-panier .panneau__grille-produits .detail-produit__actions input[type=number]::-webkit-inner-spin-button {
#panneau-panier
.panneau__grille-produits
.detail-produit__actions
input[type="number"]::-webkit-outer-spin-button,
#panneau-panier
.panneau__grille-produits
.detail-produit__actions
input[type="number"]::-webkit-inner-spin-button {
margin: 0; /* 2 */
appearance: none; /* 2 */
}
@ -227,7 +234,14 @@
#panneau-panier .panneau__instructions-code-promo {
padding: var(--espace-xl) var(--espace-l);
}
#panneau-panier .panneau__instructions-code-promo .panneau__instructions-code-promo__code-promo input, #panneau-panier .panneau__instructions-code-promo .panneau__instructions-code-promo__code-promo button {
#panneau-panier
.panneau__instructions-code-promo
.panneau__instructions-code-promo__code-promo
input,
#panneau-panier
.panneau__instructions-code-promo
.panneau__instructions-code-promo__code-promo
button {
flex: 1;
}
#panneau-panier .panneau__sous-totaux {
@ -289,10 +303,16 @@
font-size: 0.8rem;
font-style: italic;
}
#panneau-informations-client .panneau__formulaires .panneau__formulaires__separation-adresses label {
#panneau-informations-client
.panneau__formulaires
.panneau__formulaires__separation-adresses
label {
text-transform: lowercase;
}
#panneau-informations-client .panneau__formulaires .panneau__formulaires__paiement .formulaire__paiement__attente-renseignement-formulaires {
#panneau-informations-client
.panneau__formulaires
.panneau__formulaires__paiement
.formulaire__paiement__attente-renseignement-formulaires {
align-content: center;
width: 100%;
padding: 0;
@ -301,7 +321,11 @@
color: grey;
text-align: center;
}
#panneau-informations-client .panneau__formulaires .panneau__formulaires__paiement .formulaire__paiement__attente-renseignement-formulaires p + p {
#panneau-informations-client
.panneau__formulaires
.panneau__formulaires__paiement
.formulaire__paiement__attente-renseignement-formulaires
p + p {
margin-top: 1lh;
}
#panneau-informations-client .panneau__formulaires .panneau__formulaires__message {
@ -335,7 +359,11 @@
place-items: center;
justify-content: space-between;
}
#panneau-informations-client .formulaire .formulaire__champs .formulaire__champs__champ + .formulaire__champs__champ {
#panneau-informations-client
.formulaire
.formulaire__champs
.formulaire__champs__champ
+ .formulaire__champs__champ {
margin-top: var(--espace-l);
}
#panneau-informations-client .formulaire label {
@ -426,11 +454,11 @@
margin-top: var(--espace-m);
font-size: initial;
}
#page-panier[data-contient-articles=false] .panneau {
#page-panier[data-contient-articles="false"] .panneau {
display: none;
}
#page-panier[data-contient-articles=false] .panier-vide {
#page-panier[data-contient-articles="false"] .panier-vide {
display: block;
}
/*# sourceMappingURL=page-panier.css.map */
/* # sourceMappingURL=page-panier.css.map */

5
web/app/themes/haiku-atelier-2024/assets/css/pages/page-succes-commande.css
View file

@ -57,7 +57,8 @@
grid-template-rows: 1fr;
border-bottom: 1px solid var(--couleur-noir);
}
#page-succes-commande .contenu__rappel-commande__produit:only-child, #page-succes-commande .contenu__rappel-commande__produit:last-of-type {
#page-succes-commande .contenu__rappel-commande__produit:only-child,
#page-succes-commande .contenu__rappel-commande__produit:last-of-type {
border-bottom: initial;
}
#page-succes-commande .contenu__rappel-commande__produit__illustratif {
@ -105,4 +106,4 @@
}
}
/*# sourceMappingURL=page-succes-commande.css.map */
/* # sourceMappingURL=page-succes-commande.css.map */

10
web/app/themes/haiku-atelier-2024/assets/img/favicon.svg
View file

@ -1 +1,9 @@
<svg viewBox="0 0 90 90" xmlns="http://www.w3.org/2000/svg"><path fill="#E7FFB4" d="M85.241 48.817c-1.365-3.553-4.989-5.856-9.771-6.737 7.718-5.116 11.871-12.229 9.706-17.868-2.79-7.268-15.031-9.329-27.335-4.602-3.173 1.218-6.032 2.768-8.491 4.521l-.024-.068c-2.791-7.269-15.035-9.329-27.338-4.601C9.681 24.19 1.969 33.914 4.76 41.184c1.262 3.283 4.458 5.501 8.712 6.514C6.419 52.746 2.721 59.473 4.79 64.857c2.791 7.27 15.033 9.329 27.337 4.602 3.077-1.183 5.866-2.676 8.278-4.366.076.284.162.565.269.843 2.791 7.271 15.032 9.33 27.336 4.604 12.31-4.73 20.022-14.456 17.231-21.723"/></svg>
<svg
viewBox="0 0 90 90"
xmlns="http://www.w3.org/2000/svg"
>
<path
fill="#E7FFB4"
d="M85.241 48.817c-1.365-3.553-4.989-5.856-9.771-6.737 7.718-5.116 11.871-12.229 9.706-17.868-2.79-7.268-15.031-9.329-27.335-4.602-3.173 1.218-6.032 2.768-8.491 4.521l-.024-.068c-2.791-7.269-15.035-9.329-27.338-4.601C9.681 24.19 1.969 33.914 4.76 41.184c1.262 3.283 4.458 5.501 8.712 6.514C6.419 52.746 2.721 59.473 4.79 64.857c2.791 7.27 15.033 9.329 27.337 4.602 3.077-1.183 5.866-2.676 8.278-4.366.076.284.162.565.269.843 2.791 7.271 15.032 9.33 27.336 4.604 12.31-4.73 20.022-14.456 17.231-21.723"
/>
</svg>

Side by side Swipe Overlay

Before

Width:  |  Height:  |  Size: 590 B

After

Width:  |  Height:  |  Size: 611 B

Before After
Before After

18
web/app/themes/haiku-atelier-2024/assets/img/icons/aboutlclick-black.svg
View file

@ -1 +1,17 @@
<svg viewBox="43.801 35.326 186.516 130.185" xmlns="http://www.w3.org/2000/svg"><path opacity=".5" fill="#DFDEDE" d="M226.058 108.87c-3.021-7.855-11.031-12.949-21.609-14.896 17.068-11.315 26.261-27.05 21.471-39.518-6.177-16.074-33.244-20.635-60.461-10.179-7.015 2.694-13.343 6.124-18.778 10.001-.018-.05-.032-.102-.052-.152-6.174-16.076-33.251-20.633-60.46-10.178-27.223 10.456-44.276 31.967-38.105 48.043 2.792 7.266 9.862 12.164 19.273 14.402-15.603 11.168-23.785 26.049-19.206 37.953 6.176 16.079 33.251 20.633 60.46 10.176 6.809-2.611 12.975-5.918 18.311-9.656.169.627.358 1.251.595 1.867 6.174 16.075 33.241 20.631 60.462 10.176 27.22-10.455 44.272-31.965 38.099-48.039"/><path fill="none" stroke="#2B2B2B" stroke-width="5" stroke-miterlimit="10" d="M226.058 108.87c-3.021-7.855-11.031-12.949-21.609-14.896 17.068-11.315 26.261-27.05 21.471-39.518-6.177-16.074-33.244-20.635-60.461-10.179-7.015 2.694-13.343 6.124-18.778 10.001-.018-.05-.032-.102-.052-.152-6.174-16.076-33.251-20.633-60.46-10.178-27.223 10.456-44.276 31.967-38.105 48.043 2.792 7.266 9.862 12.164 19.273 14.402-15.603 11.168-23.785 26.049-19.206 37.953 6.176 16.079 33.251 20.633 60.46 10.176 6.809-2.611 12.975-5.918 18.311-9.656.169.627.358 1.251.595 1.867 6.174 16.075 33.241 20.631 60.462 10.176 27.22-10.455 44.272-31.965 38.099-48.039z"/></svg>
<svg
viewBox="43.801 35.326 186.516 130.185"
xmlns="http://www.w3.org/2000/svg"
>
<path
opacity=".5"
fill="#DFDEDE"
d="M226.058 108.87c-3.021-7.855-11.031-12.949-21.609-14.896 17.068-11.315 26.261-27.05 21.471-39.518-6.177-16.074-33.244-20.635-60.461-10.179-7.015 2.694-13.343 6.124-18.778 10.001-.018-.05-.032-.102-.052-.152-6.174-16.076-33.251-20.633-60.46-10.178-27.223 10.456-44.276 31.967-38.105 48.043 2.792 7.266 9.862 12.164 19.273 14.402-15.603 11.168-23.785 26.049-19.206 37.953 6.176 16.079 33.251 20.633 60.46 10.176 6.809-2.611 12.975-5.918 18.311-9.656.169.627.358 1.251.595 1.867 6.174 16.075 33.241 20.631 60.462 10.176 27.22-10.455 44.272-31.965 38.099-48.039"
/>
<path
fill="none"
stroke="#2B2B2B"
stroke-width="5"
stroke-miterlimit="10"
d="M226.058 108.87c-3.021-7.855-11.031-12.949-21.609-14.896 17.068-11.315 26.261-27.05 21.471-39.518-6.177-16.074-33.244-20.635-60.461-10.179-7.015 2.694-13.343 6.124-18.778 10.001-.018-.05-.032-.102-.052-.152-6.174-16.076-33.251-20.633-60.46-10.178-27.223 10.456-44.276 31.967-38.105 48.043 2.792 7.266 9.862 12.164 19.273 14.402-15.603 11.168-23.785 26.049-19.206 37.953 6.176 16.079 33.251 20.633 60.46 10.176 6.809-2.611 12.975-5.918 18.311-9.656.169.627.358 1.251.595 1.867 6.174 16.075 33.241 20.631 60.462 10.176 27.22-10.455 44.272-31.965 38.099-48.039z"
/>
</svg>

Side by side Swipe Overlay

Before

Width:  |  Height:  |  Size: 1.3 KiB

After

Width:  |  Height:  |  Size: 1.3 KiB

Before After
Before After

18
web/app/themes/haiku-atelier-2024/assets/img/icons/aboutlclick-yellow.svg
View file

@ -1 +1,17 @@
<svg viewBox="43.727 35.716 186.52 130.194" xmlns="http://www.w3.org/2000/svg"><path opacity=".5" fill="#DFDEDE" d="M225.982 109.258c-3.021-7.855-11.031-12.949-21.609-14.896 17.068-11.315 26.261-27.05 21.471-39.518-6.177-16.074-33.244-20.635-60.461-10.179-7.015 2.694-13.343 6.124-18.778 10.001-.018-.05-.032-.102-.052-.152-6.174-16.076-33.251-20.633-60.46-10.178-27.222 10.456-44.276 31.967-38.104 48.043 2.792 7.266 9.862 12.164 19.273 14.402-15.603 11.168-23.785 26.049-19.206 37.953 6.176 16.079 33.251 20.633 60.46 10.176 6.809-2.611 12.975-5.918 18.311-9.656.169.627.358 1.251.595 1.867 6.174 16.075 33.241 20.631 60.462 10.176 27.22-10.455 44.272-31.965 38.098-48.039"/><path fill="none" stroke="#D8FFA5" stroke-width="5" stroke-miterlimit="10" d="M225.982 109.258c-3.021-7.855-11.031-12.949-21.609-14.896 17.068-11.315 26.261-27.05 21.471-39.518-6.177-16.074-33.244-20.635-60.461-10.179-7.015 2.694-13.343 6.124-18.778 10.001-.018-.05-.032-.102-.052-.152-6.174-16.076-33.251-20.633-60.46-10.178-27.222 10.456-44.276 31.967-38.104 48.043 2.792 7.266 9.862 12.164 19.273 14.402-15.603 11.168-23.785 26.049-19.206 37.953 6.176 16.079 33.251 20.633 60.46 10.176 6.809-2.611 12.975-5.918 18.311-9.656.169.627.358 1.251.595 1.867 6.174 16.075 33.241 20.631 60.462 10.176 27.22-10.455 44.272-31.965 38.098-48.039z"/></svg>
<svg
viewBox="43.727 35.716 186.52 130.194"
xmlns="http://www.w3.org/2000/svg"
>
<path
opacity=".5"
fill="#DFDEDE"
d="M225.982 109.258c-3.021-7.855-11.031-12.949-21.609-14.896 17.068-11.315 26.261-27.05 21.471-39.518-6.177-16.074-33.244-20.635-60.461-10.179-7.015 2.694-13.343 6.124-18.778 10.001-.018-.05-.032-.102-.052-.152-6.174-16.076-33.251-20.633-60.46-10.178-27.222 10.456-44.276 31.967-38.104 48.043 2.792 7.266 9.862 12.164 19.273 14.402-15.603 11.168-23.785 26.049-19.206 37.953 6.176 16.079 33.251 20.633 60.46 10.176 6.809-2.611 12.975-5.918 18.311-9.656.169.627.358 1.251.595 1.867 6.174 16.075 33.241 20.631 60.462 10.176 27.22-10.455 44.272-31.965 38.098-48.039"
/>
<path
fill="none"
stroke="#D8FFA5"
stroke-width="5"
stroke-miterlimit="10"
d="M225.982 109.258c-3.021-7.855-11.031-12.949-21.609-14.896 17.068-11.315 26.261-27.05 21.471-39.518-6.177-16.074-33.244-20.635-60.461-10.179-7.015 2.694-13.343 6.124-18.778 10.001-.018-.05-.032-.102-.052-.152-6.174-16.076-33.251-20.633-60.46-10.178-27.222 10.456-44.276 31.967-38.104 48.043 2.792 7.266 9.862 12.164 19.273 14.402-15.603 11.168-23.785 26.049-19.206 37.953 6.176 16.079 33.251 20.633 60.46 10.176 6.809-2.611 12.975-5.918 18.311-9.656.169.627.358 1.251.595 1.867 6.174 16.075 33.241 20.631 60.462 10.176 27.22-10.455 44.272-31.965 38.098-48.039z"
/>
</svg>

Side by side Swipe Overlay

Before

Width:  |  Height:  |  Size: 1.3 KiB

After

Width:  |  Height:  |  Size: 1.3 KiB

Before After
Before After

Some files were not shown because too many files have changed in this diff Show more