[mod-security-users] exclude specific variable in query string for inspection
Brought to you by:
victorhora,
zimmerletw
From: Jeroen de B. <jer...@an...> - 2009-10-28 16:46:21
|
Hi there, (pretty new at mod_security). I am running mod_security (latest version) on front of a webapplication. This webapplication generates a signature and appends this to the query string. Because this signature contains a large random string it sometimes contains a forbidden string and is blocked by mod_security by a false positive. Is it possible to exclude a single query string variable for inspection by mod_security (and to set that globally, not in each rule) ? Thanks in advance Jeroen |