That did it, thanks.  I'd tried double-quotes but didn't think to look at singles

A
On Nov 3, 2013, at 10:17 AM, Josh Amishav-Zlatin <jamuse@owasp.org>
 wrote:

On Fri, Nov 1, 2013 at 5:23 PM, Macks, Aaron <amacks@harvardbusiness.org> wrote:
I've got a bunch of rule-exceptions that need to allow multiple problematic-looking but valid arguments (or cookies).  The naive way to do that is:
!ARGS:/^addresses/|!ARGS:items|!ARGS:shippingInfo
I tried putting that as a single rule REGEX:
!ARGS:/^(addresses|items|:shippingInfo)/
but it parsed the pipe as "next variable" and threw some errors*.  Is there a way to quote a regex in that section of config, or do i need to do it the naive way?


Hi Aaron,

You could use single quotes around your regex, e.g.:

SecRuleUpdateTargetById 12345 !ARGS:'/^(addresses|items|shippingInfo)$/'

--
 - Josh
------------------------------------------------------------------------------
Android is increasing in popularity, but the open development platform that
developers love is also attractive to malware creators. Download this white
paper to learn more about secure code signing practices that can help keep
Android apps secure.
http://pubads.g.doubleclick.net/gampad/clk?id=65839951&iu=/4140/ostg.clktrk_______________________________________________
mod-security-users mailing list
mod-security-users@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/mod-security-users
Commercial ModSecurity Rules and Support from Trustwave's SpiderLabs:
http://www.modsecurity.org/projects/commercial/rules/
http://www.modsecurity.org/projects/commercial/support/

--
Aaron Macks
Systems Architect

Harvard Business Publishing
300 North Beacon St.    |   Watertown, MA 02472
(617) 783-7461                |   Fax: (617) 783-7467
www.harvardbusiness.org |   Cell:(978) 317-3614