From a250aca71f57036ede5b4934d404f3d33f574f98 Mon Sep 17 00:00:00 2001
From: Gasper Vozel
Date: Mon, 16 Aug 2021 11:54:48 +0200
Subject: Fix a few typos and inconsistencies in config files
---
 config/default.rules | 10 +++++-----
 1 file changed, 5 insertions(+), 5 deletions(-)
(limited to 'config/default.rules')
diff --git a/config/default.rules b/config/default.rules
index ea65e01..b12653c 100644
--- a/config/default.rules
+++ b/config/default.rules
@@ -22,14 +22,14 @@ sp.disable_xxe.enable();
 # Only allow execution of read-only files. This is a low-hanging fruit that you should enable.
 # sp.readonly_exec.enable();
-# Php has a lot of wrappers, most of them aren't usually useful, you should
+# PHP has a lot of wrappers, most of them aren't usually useful, you should
 # only enable the ones you're using.
 # sp.wrappers_whitelist.list("file,php,phar");
 # Prevent sloppy comparisons.
 # sp.sloppy_comparison.enable();
-# use SameSite on session cookie
+# Use SameSite on session cookie
 # https://snuffleupagus.readthedocs.io/features.html#protection-against-cross-site-request-forgery
 sp.cookie.name("PHPSESSID").samesite("lax");
@@ -57,7 +57,7 @@ sp.disable_function.function("extract").param("extract_type").value("0").drop()
 # Moreover, there are non-public bypasses that are also using this vector ;)
 sp.disable_function.function("ini_set").param("varname").value_r("open_basedir").drop()
-##Prevent various `include`-related vulnerabilities
+# Prevent various `include`-related vulnerabilities
 sp.disable_function.function("require_once").value_r("\.(inc|phtml|php)$").allow();
 sp.disable_function.function("include_once").value_r("\.(inc|phtml|php)$").allow();
 sp.disable_function.function("require").value_r("\.(inc|phtml|php)$").allow();
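Review bot: In the second hunk (@@ -57,7) the context line `sp.disable_function.function("ini_set").param("varname").value_r("open_basedir").drop()` is the only rule in view without a terminating `;`, while every other rule in the patch ends with one; since this commit is already fixing inconsistencies in this file, it would be worth adding `drop();` here in the same pass. Whether the rule parser tolerates the missing terminator or merges the statement with what follows is not visible from the diff, so this is a consistency point unless the parser is known to require `;`. The same hunk writes the include rules' regex as `"\.(inc|phtml|php)$"` while the move_uploaded_file rules later in the patch use `"\\.ph"`; the two escaping styles presumably cannot both be literal for the same parser, and it may be worth confirming which form the parser expects. Blank context lines of this hunk appear to have been collapsed by the rendering.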
@@ -80,7 +80,7 @@ sp.disable_function.function("ini_set").param("varname").value("memory_limit").d
 sp.disable_function.function("ini_set").param("varname").value("include_path").drop();
 sp.disable_function.function("ini_set").param("varname").value("open_basedir").drop();
-# Detect some backdoors via environnement recon
+# Detect some backdoors via environment recon
 sp.disable_function.function("ini_get").param("varname").value("allow_url_fopen").drop();
 sp.disable_function.function("ini_get").param("varname").value("open_basedir").drop();
 sp.disable_function.function("ini_get").param("varname").value_r("suhosin").drop();
@@ -109,7 +109,7 @@ sp.disable_function.function("curl_setopt").param("value").value("2").allow();
 sp.disable_function.function("curl_setopt").param("option").value("64").drop().alias("Please don't turn CURLOPT_SSL_VERIFYCLIENT off.");
 sp.disable_function.function("curl_setopt").param("option").value("81").drop().alias("Please don't turn CURLOPT_SSL_VERIFYHOST off.");
-#File upload
+# File upload
 sp.disable_function.function("move_uploaded_file").param("destination").value_r("\\.ph").drop();
 sp.disable_function.function("move_uploaded_file").param("destination").value_r("\\.ht").drop();
-- cgit v1.3
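Review bot: In the last hunk (@@ -109,7) the alias on the option-64 rule refers to CURLOPT_SSL_VERIFYCLIENT, which is not a libcurl option name; option 64 is CURLOPT_SSL_VERIFYPEER, and 81 is CURLOPT_SSL_VERIFYHOST as the following line correctly says. Because the rule fires by numeric option value the protection itself is unaffected, but the message shown to the developer names the wrong setting, and a typo-fix commit in this file is the natural place to correct it: `sp.disable_function.function("curl_setopt").param("option").value("64").drop().alias("Please don't turn CURLOPT_SSL_VERIFYPEER off.");`. The hunk's trailing context lines are not visible in this rendering, so I cannot tell whether anything else follows the move_uploaded_file rules.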