summaryrefslogtreecommitdiff
path: root/config/default.rules
diff options
context:
space:
mode:
authorsantii-git2026-01-21 12:02:40 -0300
committerGitHub2026-01-21 16:02:40 +0100
commitb115fe5b74ce08c2979b74d53a0d5f07ccfa03f8 (patch)
tree07c76666c60ccfba76beb57d7b45db4fb79fe084 /config/default.rules
parent5f944e2b1085bdd07b75f7c13bec2b2ad49ea09e (diff)
Update default.rules
Set the correct PHP versions for each rule and add the mb_send_mail function.
Diffstat (limited to 'config/default.rules')
-rw-r--r--config/default.rules10
1 files changed, 6 insertions, 4 deletions
diff --git a/config/default.rules b/config/default.rules
index c528191..3e82ae3 100644
--- a/config/default.rules
+++ b/config/default.rules
@@ -45,10 +45,12 @@ sp.cookie.name("PHPSESSID").samesite("lax");
45@end_condition; 45@end_condition;
46 46
47# Prevent various `mail`-related vulnerabilities 47# Prevent various `mail`-related vulnerabilities
48@condition PHP_VERSION_ID < 80300; 48@condition PHP_VERSION_ID < 80000;
49sp.disable_function.function("mail").param("additional_parameters").value_r("\\-").drop(); 49 sp.disable_function.function("mail").param("additional_parameters").value_r("\\-").drop();
50@condition PHP_VERSION_ID >= 80300; 50 sp.disable_function.function("mb_send_mail").param("additional_parameters").value_r("\\-").drop();
51sp.disable_function.function("mail").param("additional_params").value_r("\\-").drop(); 51@condition PHP_VERSION_ID >= 80000;
52 sp.disable_function.function("mail").param("additional_params").value_r("\\-").drop();
53 sp.disable_function.function("mb_send_mail").param("additional_params").value_r("\\-").drop();
52@end_condition; 54@end_condition;
53 55
54# Since it's now burned, me might as well mitigate it publicly 56# Since it's now burned, me might as well mitigate it publicly