Thread: [mod-security-users] Custom ruleset not working
Brought to you by:
victorhora,
zimmerletw
From: Dimitri Y. <dyi...@fi...> - 2010-12-29 22:37:34
|
Well, I guess a few things are popping up since I upgraded my ruleset to the latest and greatest. I have a custom ruleset (modsecurity_crs_15_customconfig.conf) to whitelist my internal hosts: SecRule REMOTE_ADDR "127\.0\.0\.1" "allow, nolog" SecRule REMOTE_ADDR "^192\.168\.100\." phase:1,nolog,allow,ctl:ruleEngine=Off,ctl:auditEngine=Off SecRule REMOTE_ADDR "^192\.168\.1\." phase:1,nolog,allow,ctl:ruleEngine=Off,ctl:auditEngine=Off SecRule REMOTE_ADDR "^192\.168\.101\." phase:1,nolog,allow,ctl:ruleEngine=Off,ctl:auditEngine=Off However, one of my internal host running nagios is now triggering a rule (to me, it doesn't matter which; internal hosts shouldn't trigger any rules). What do I need to do to fix this? Thanks. Dimitri -- This message has been scanned for viruses and dangerous content by MailScanner, and is believed to be clean. |