<div id="tabs-userdata">
<div id="editor_userdata">
<div class="userdata_row">
<span class="userdata_label_span">
<label class="userdata_label">Custom Rules:</label><br>
<textarea class="userdata_textarea" id="userdata_custom_rules">[% userdata.custom_rules %]</textarea>
</span>
<span class="userdata_text_span"><br> Put your custom ModSecurity directives in this field.<br>
Full command reference available <a href="https://github.com/SpiderLabs/ModSecurity/wiki/Reference-Manual">here</a>.
</span>
</div><hr>
[% IF userdata.files_found == 1 %]
[% IF userdata.userdata_wl_agents == 1 %]
<div class="userdata_row">
<span class="userdata_label_span">
<label class="userdata_label">Whitelisted Agents:</label><br>
<textarea class="userdata_textarea" id="userdata_wl_agents">[% userdata.userdata_wl_agents_content %]</textarea>
</span>
<span class="userdata_text_span"><br> Put your whitelisted user-agents here (one agent per line).<br>
COMODO provides lists of blacklisted scanners (bl_scanners) and agents (bl_agents), but users are not allowed to modify them.<br>
If one of your legitimated agents is blocking by these lists then you should whitelist this user-agent here.
</span>
</div><hr>
[% END %]
[% IF userdata.userdata_bl_agents == 1 %]
<div class="userdata_row">
<span class="userdata_label_span">
<label class="userdata_label">Blocked Agents:</label><br>
<textarea class="userdata_textarea" id="userdata_bl_agents">[% userdata.userdata_bl_agents_content %]</textarea>
</span>
<span class="userdata_text_span"><br> Put your blocked user-agents here (one agent per line).<br>
COMODO provides lists of blacklisted scanners (bl_scanners) and agents (bl_agents), but users are not allowed to modify them.<br>
If one of malicious agents is not blocking by these lists then you should add this user-agent here.</span>
</div><hr>
[% END %]
[% IF userdata.userdata_wl_domains == 1 %]
<div class="userdata_row">
<span class="userdata_label_span">
<label class="userdata_label">Whitelisted Domains:</label><br>
<textarea class="userdata_textarea" id="userdata_wl_domains">[% userdata.userdata_wl_domains_content %]</textarea>
</span>
<span class="userdata_text_span"><br> Put your whitelisted domains here (one domain per line).<br>
COMODO provides list of blacklisted domains (bl_domains), but users aren't allowed to modify them.<br>
If one of your legitimated domain blocking by this list then you should whitelist your domain using this list.
</span>
</div><hr>
[% END %]
[% IF userdata.userdata_bl_domains == 1 %]
<div class="userdata_row">
<span class="userdata_label_span">
<label class="userdata_label">Blocked Domains:</label><br>
<textarea class="userdata_textarea" id="userdata_bl_domains">[% userdata.userdata_bl_domains_content %]</textarea>
</span>
<span class="userdata_text_span"><br> Put your blacklisted domains here (one domain per line).<br>
COMODO provides list of blacklisted domains (bl_domains), but users aren't allowed to modify them.<br>
You can add you blacklisted domains here.
</span>
</div><hr>
[% END %]
[% IF userdata.userdata_login_pages == 1 %]
<div class="userdata_row">
<span class="userdata_label_span">
<label class="userdata_label">Login Pages:</label><br>
<textarea class="userdata_textarea" id="userdata_login_pages">[% userdata.userdata_login_pages_content %]</textarea>
</span>
<span class="userdata_text_span"><br> Put your login pages here (one script name per line).<br>
If you need to protect some of your applications against bruteforce attack then put name of login script here. <br>
Also it could contain part of URL, for example:<br> /admin/letmein.php
</span>
</div><hr>
[% END %]
[% IF userdata.userdata_wl_methods == 1 %]
<div class="userdata_row">
<span class="userdata_label_span">
<label class="userdata_label">Whitelisted Methods:</label><br>
<textarea class="userdata_textarea" id="userdata_wl_methods">[% userdata.userdata_wl_methods_content %]</textarea>
</span>
<span class="userdata_text_span"><br> Put your whitelisted methods here (one method per line).<br>
COMODO WAF allows only few most common HTTP methods (GET, POST, HEAD, OPTIONS, PROPFIND).<br>
If your site uses another method then you should whitelist it here.</span>
</div><hr>
[% END %]
[% IF userdata.userdata_wl_content_type == 1 %]
<div class="userdata_row">
<span class="userdata_label_span">
<label class="userdata_label">Allowed Content-Type:</label><br>
<textarea class="userdata_textarea" id="userdata_wl_content_type">[% userdata.userdata_wl_content_type_content %]</textarea>
</span>
<span class="userdata_text_span"><br> Put your allowed request content MIME type here (one type per line).<br>
By default only several content types are allowed (text/html, application/x-www-form-urlencoded etc).<br>
If your site uses another content type then you should whitelist it here.<br>
For example: text/plain, application/zip or video/mpeg.</span>
</div><hr>
[% END %]
[% IF userdata.userdata_bl_extensions == 1 %]
<div class="userdata_row">
<span class="userdata_label_span">
<label class="userdata_label">Blocked Extensions:</label><br>
<textarea class="userdata_textarea" id="userdata_bl_extensions">[% userdata.userdata_bl_extensions_content %]</textarea>
</span>
<span class="userdata_text_span"><br> Put file extensions which will be blocked (one extension per line).<br>
If you want to disallow serving of files with some extension you can add you restricted extensions here.</span>
</div><hr>
[% END %]
[% IF userdata.userdata_bl_headers == 1 %]
<div class="userdata_row">
<span class="userdata_label_span">
<label class="userdata_label">Restricted Headers:</label><br>
<textarea class="userdata_textarea" id="userdata_bl_headers">[% userdata.userdata_bl_headers_content %]</textarea>
</span>
<span class="userdata_text_span"><br> Put your restricted request headers here (one header per line).<br>
By default any request headers are allowed.<br>
If your want to block some request header then you should blacklist it here.</span>
</div><hr>
[% END %]
<!-- ---------------------------------------------------->
[% IF userdata.userdata_wl_IPs == 1 %]
<div class="userdata_row">
<span class="userdata_label_span">
<label class="userdata_label">Whitelisted IPs:</label><br>
<textarea class="userdata_textarea" id="userdata_wl_IPs">[% userdata.userdata_wl_IPs_content %]</textarea>
</span>
<span class="userdata_text_span"><br> This list allows you to whitelist trusted IP addresses that will not be blocked by some of our security rules. Any IP address listed here will also have access to the administration panels like "administrator" or "wp-admin" if you have it restricted URLs in proper blacklist.
</span>
</div><hr>
[% END %]
[% IF userdata.userdata_bl_IPs == 1 %]
<div class="userdata_row">
<span class="userdata_label_span">
<label class="userdata_label">Blacklisted IPs:</label><br>
<textarea class="userdata_textarea" id="userdata_bl_IPs">[% userdata.userdata_bl_IPs_content %]</textarea>
</span>
<span class="userdata_text_span"><br>This list allows you to ban an IP address from visiting your web site.</span>
</div><hr>
[% END %]
[% IF userdata.userdata_wl_URLs == 1 %]
<div class="userdata_row">
<span class="userdata_label_span">
<label class="userdata_label">Whitelisted URLs:</label><br>
<textarea class="userdata_textarea" id="userdata_wl_URLs">[% userdata.userdata_wl_URLs_content %]</textarea>
</span>
<span class="userdata_text_span"><br> This list allows to remove protection for specified URLs. E.g. /wp-content/themes/mytheme/timthumb.php
</span>
</div><hr>
[% END %]
[% IF userdata.userdata_bl_URLs == 1 %]
<div class="userdata_row">
<span class="userdata_label_span">
<label class="userdata_label">Blocked URLs:</label><br>
<textarea class="userdata_textarea" id="userdata_bl_URLs">[% userdata.userdata_bl_URLs_content %]</textarea>
</span>
<span class="userdata_text_span"><br> This list allows to block access to specified URLs on your site. E.g. .htaccess, wp-admin/. Only whitelisted IP addresses will be allowed to visit them. This can be useful if you want to restrict access to certain pages or content.
</span>
</div><hr>
[% END %]
[% IF userdata.userdata_bl_referers == 1 %]
<div class="userdata_row">
<span class="userdata_label_span">
<label class="userdata_label">Blocked Referers:</label><br>
<textarea class="userdata_textarea" id="userdata_bl_referers">[% userdata.userdata_bl_referers_content %]</textarea>
</span>
<span class="userdata_text_span"><br> List of denied HTTP referrers in request headers.
</span>
</div><hr>
[% END %]
[% IF userdata.userdata_bl_cookies == 1 %]
<div class="userdata_row">
<span class="userdata_label_span">
<label class="userdata_label">Blocked cookies:</label><br>
<textarea class="userdata_textarea" id="userdata_bl_cookies">[% userdata.userdata_bl_cookies_content %]</textarea>
</span>
<span class="userdata_text_span"><br> List of denied HTTP cookies in request headers.
</span>
</div><hr>
[% END %]
<!-- ---------------------------------------------------->
[% ELSE %]
<span class="latest_version">No userdata files found in current rule set!</span>
[% END %]
<br><button class="dialog_buttons" id="save_userdata">Save</button>
</div>
</div>