4 Jul 14:43
Re: Disabling rules for one argument
From: Ryan Barnett <Ryan.Barnett <at> Breach.com>
Subject: Re: Disabling rules for one argument
Newsgroups: gmane.comp.apache.mod-security.user
Date: 2008-07-04 12:44:08 GMT
Subject: Re: Disabling rules for one argument
Newsgroups: gmane.comp.apache.mod-security.user
Date: 2008-07-04 12:44:08 GMT
Perhaps I am not understanding your issue, but you can simply add an inverted variable (with the specific
argument name) to the variable list to exclude it -
SecRule ARGS|!ARGS:name "bad pattern" ...
Thanks,
Ryan C. Barnett
----- Original Message -----
From: mod-security-users-bounces <at> lists.sourceforge.net <mod-security-users-bounces <at> lists.sourceforge.net>
To: mod-security-users <at> lists.sourceforge.net <mod-security-users <at> lists.sourceforge.net>
Sent: Fri Jul 04 04:50:36 2008
Subject: [mod-security-users] Disabling rules for one argument
Hello,
I have a rule like
SecRule ARGS "bad pattern" "id:10000,..."
and I'd like to disable it for one specific argument
I tried
SecRule ARGS:name "phase:2,t:none,allow,nolog,ctl:ruleRemoveById=10000"
but it doesn't work
Any idea ?
Thanks,
Nick
-------------------------------------------------------------------------
Sponsored by: SourceForge.net Community Choice Awards: VOTE NOW!
Studies have shown that voting for your favorite open source project,
along with a healthy diet, reduces your potential for chronic lameness
and boredom. Vote Now at http://www.sourceforge.net/community/cca08
_______________________________________________
mod-security-users mailing list
mod-security-users <at> lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/mod-security-users
-------------------------------------------------------------------------
Sponsored by: SourceForge.net Community Choice Awards: VOTE NOW!
Studies have shown that voting for your favorite open source project,
along with a healthy diet, reduces your potential for chronic lameness
and boredom. Vote Now at http://www.sourceforge.net/community/cca08
RSS Feed