From 309481168de02f2dee5a4266359d72866442f665 Mon Sep 17 00:00:00 2001
From: jvoisin
Date: Mon, 5 Mar 2018 14:25:25 +0100
Subject: Improve a bit the performances (+10%)
---
 config/default.rules | 12 ++++++++----
 1 file changed, 8 insertions(+), 4 deletions(-)
(limited to 'config/default.rules')
diff --git a/config/default.rules b/config/default.rules
index 7e3ee53..a5ea3d1 100644
--- a/config/default.rules
+++ b/config/default.rules
@@ -8,10 +8,14 @@ sp.disable_function.function("mail").param("additional_parameters").value_r("\\-
 sp.disable_function.function("putenv").param("setting").value_r("LD_").drop()
 ##Prevent various `include`-related vulnerabilities
-sp.disable_function.function_r("^(?:require|include)_once$").value_r("\\.(?:php|php7|inc|tpl)$").allow();
-sp.disable_function.function_r("^require|include$").value_r("\\.(?:php|php7|inc|tpl)$").allow();
-sp.disable_function.function_r("^(?:require|include)_once$").drop();
-sp.disable_function.function_r("^require|include$").drop();
+sp.disable_function.function("require_once").value_r("\.php$").allow();
+sp.disable_function.function("include_once").value_r("\.php$").allow();
+sp.disable_function.function("require").value_r("\.php$").allow();
+sp.disable_function.function("include").value_r("\.php$").allow();
+sp.disable_function.function("require_once").drop()
+sp.disable_function.function("include_once").drop()
+sp.disable_function.function("require").drop()
+sp.disable_function.function("include").drop()
 # Prevent `system`-related injections
 sp.disable_function.function("system").param("command").value_r("[$|;&`\\n]").drop();
-- cgit v1.3
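Review bot: The four new `allow()` rules change more than matching speed: the permitted suffix pattern goes from `\\.(?:php|php7|inc|tpl)$` to `\.php$`, so includes of `.inc`, `.tpl` and `.php7` files now fall through to the new `drop()` rules, while the commit subject mentions only performance. If the narrowing is intended, it deserves a line in the commit message and a comment above the rules, for example `# Only *.php files may be included; add an allow() rule for each extra extension the application needs`. The pattern also switches from the doubled backslash used elsewhere in this file (`"\\-"`, `"\\n"`) to a single one; how the rule parser treats `\.` is not visible in this hunk, and if it does not keep it as a literal dot, `.php$` would accept any character before `php`, so `"\\.php$"` would be the consistent spelling. The new `drop()` lines also omit the trailing `;` that the `allow()` lines carry.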