HI All -
I have a set of reverse proxy servers running mod_security that actively
protect a variety of applications and do active virus scanning for uploads
using inspectFile and clamav. I am doing virtual hosting with these proxy
servers, I have the modsec rules included in the global server config.
However some of the applications behind these servers cause too many false
positives, so their virtual host entry has the SecRuleEngine turned off.
For one of these virtual hosts, I'd like to enable just the inspectFile
rule to do virus scanning, but not the rest of the rules. How can I do
this on a virtual host level for just this one vhost without turning on
the rest of the rules?
BTW - Apache 2.2.11, mod_sec 2.5.7