Thread: [mod-security-users] Question on how to exclude for a specific file path
Brought to you by:
victorhora,
zimmerletw
From: Peter M. A. <sup...@dy...> - 2009-09-25 14:51:11
|
Greetings: I need to turn off most of mod_security for a specific path for Mod_security 1.9 (we are not yet on Apache 2). I've tried <LocationMatch "/hsphere/local/home/dnidni/helpdesk.dynamicnet.net/admin.php"> Along with <LocationMatch "/hsphere/local/home/dnidni/helpdesk.dynamicnet.net/admin.php.*"> Along with FilesMatch. What do I need to do in order to exclude a specific file based on full path? BTW, "<Directory /hsphere/local/home/dnidni/helpdesk.dynamicnet.net>" works, but I would rather limit to a specific file. Thank you. ________________________________________________ Peter M. Abraham |
From: Ryan B. <Rya...@br...> - 2009-09-25 14:57:07
|
When using Location or LocationMatch, you need to use the URI path to the resource (external client view) and not the *local* directory path. -Ryan ________________________________________ From: Peter M. Abraham [sup...@dy...] Sent: Friday, September 25, 2009 10:44 AM To: mod...@li... Subject: [mod-security-users] Question on how to exclude for a specific file path Greetings: I need to turn off most of mod_security for a specific path for Mod_security 1.9 (we are not yet on Apache 2). I've tried <LocationMatch "/hsphere/local/home/dnidni/helpdesk.dynamicnet.net/admin.php"> Along with <LocationMatch "/hsphere/local/home/dnidni/helpdesk.dynamicnet.net/admin.php.*"> Along with FilesMatch. What do I need to do in order to exclude a specific file based on full path? BTW, "<Directory /hsphere/local/home/dnidni/helpdesk.dynamicnet.net>" works, but I would rather limit to a specific file. Thank you. ________________________________________________ Peter M. Abraham ------------------------------------------------------------------------------ Come build with us! The BlackBerry® Developer Conference in SF, CA is the only developer event you need to attend this year. Jumpstart your developing skills, take BlackBerry mobile applications to market and stay ahead of the curve. Join us from November 9-12, 2009. Register now! http://p.sf.net/sfu/devconf _______________________________________________ mod-security-users mailing list mod...@li... https://lists.sourceforge.net/lists/listinfo/mod-security-users Commercial ModSecurity Appliances, Rule Sets and Support: http://www.modsecurity.org/breach/index.html |
From: Peter M. A. <sup...@dy...> - 2009-09-25 17:07:20
|
Hi Ryan: Thank you for your prompt response. How would I limit it to the "admin.php" file in /hsphere/local/home/dnidni/helpdesk.dynamicnet.net/admin.php if the URL is http://helpdesk.dynamicnet.net/admin.php where the URI full path is /admin.php? Meaning, I don't want any and all /admin.php impacted. Thank you. ________________________________________________ Peter M. Abraham > -----Original Message----- > From: Ryan Barnett [mailto:Rya...@br...] > Sent: Friday, September 25, 2009 10:56 AM > To: sup...@dy...; mod...@li... > Subject: RE: [mod-security-users] Question on how to exclude for a > specific file path > > When using Location or LocationMatch, you need to use the URI path to the > resource (external client view) and not the *local* directory path. > > -Ryan > > ________________________________________ > From: Peter M. Abraham [sup...@dy...] > Sent: Friday, September 25, 2009 10:44 AM > To: mod...@li... > Subject: [mod-security-users] Question on how to exclude for a specific > file path > > Greetings: > > I need to turn off most of mod_security for a specific path for > Mod_security > 1.9 (we are not yet on Apache 2). > > I've tried > > <LocationMatch > "/hsphere/local/home/dnidni/helpdesk.dynamicnet.net/admin.php"> > > Along with > > <LocationMatch > "/hsphere/local/home/dnidni/helpdesk.dynamicnet.net/admin.php.*"> > > Along with FilesMatch. > > > What do I need to do in order to exclude a specific file based on full > path? > > BTW, "<Directory /hsphere/local/home/dnidni/helpdesk.dynamicnet.net>" > works, > but I would rather limit to a specific file. > > Thank you. |