Thanks guys.  Should we put this in a custom rules file, the main config file or directly in our httpd.conf file?


On Wed, 2008-10-22 at 21:32 -0400, Ryan Barnett wrote:
Good call - we forgot the "." in the final network octet :(  That would
obviously cause the rule not to match.  Thanks for the heads-up and we
will correct this.

We really need to update the FAQ document as a whole anyways.

-Ryan

-----Original Message-----
From: Nicholas Schuetz [mailto:mod_security@thelinuxshack.com] 
Sent: Wednesday, October 22, 2008 9:07 PM
To: Clayton Dillard
Cc: mod-security-users@lists.sourceforge.net
Subject: Re: [mod-security-users] Exclude hosts from checks

I think there is a typo in the FAQ:

SecRule REMOTE_ADDR "^10\.50\.25\15$"
phase:1,nolog,allow,ctl:ruleEngine=Off,ctl:auditEngine=Off

should be

SecRule REMOTE_ADDR "^10\.50\.25\.15$"
phase:1,nolog,allow,ctl:ruleEngine=Off,ctl:auditEngine=Off


On Wed, Oct 22, 2008 at 3:52 PM, Clayton Dillard
<claytondillard@gmail.com> wrote:
> I've tried adding a rule like the ones listed in the FAQ to my
httpd.conf
> file, to the modsecurity_crs_10 file and to a custom _60 rules file
that we
> have and still scans from the scanner server show up in the logs for
Mod.
>
> Here is the rule I used:
>
> SecRule REMOTE_ADDR "^10\.50\.25\15$"
> phase:1,nolog,allow,ctl:ruleEngine=Off,ctl:auditEngine=Off
>
>
>
>
>
> On Sat, 2008-10-18 at 11:11 -0500, Steve Suehring wrote:
>
> Maybe this is what you want?
>
> http://www.modsecurity.org/documentation/faq.html#d0e400
>
> Steve
>
> On Sat, Oct 18, 2008 at 12:33:01AM -0400, Clayton Dillard wrote:
>> We have a host we use to perform scans of our web environment.  Is
there
>> a way to configure ModSecurity to not alert on traffic coming from
this
>> host?  We don't mind of ModSecurity takes appropriate deny action but
we
>> just don't want to see all of the alerts in the ModSecurity Console
or
>> in the logs.
>>
>> Thanks,
>> Clay
>
>>
------------------------------------------------------------------------
-
>> This SF.Net email is sponsored by the Moblin Your Move Developer's
>> challenge
>> Build the coolest Linux based applications with Moblin SDK & win
great
>> prizes
>> Grand prize is a trip for two to an Open Source event anywhere in the
>> world
>> http://moblin-contest.org/redirect.php?banner_id=100&url=/
>> _______________________________________________
>> mod-security-users mailing list
>> mod-security-users@lists.sourceforge.net
>> https://lists.sourceforge.net/lists/listinfo/mod-security-users
>
>
>
------------------------------------------------------------------------
-
> This SF.Net email is sponsored by the Moblin Your Move Developer's
challenge
> Build the coolest Linux based applications with Moblin SDK & win great
> prizes
> Grand prize is a trip for two to an Open Source event anywhere in the
world
> http://moblin-contest.org/redirect.php?banner_id=100&url=/
> _______________________________________________
> mod-security-users mailing list
> mod-security-users@lists.sourceforge.net
> https://lists.sourceforge.net/lists/listinfo/mod-security-users
>
>

------------------------------------------------------------------------
-
This SF.Net email is sponsored by the Moblin Your Move Developer's
challenge
Build the coolest Linux based applications with Moblin SDK & win great
prizes
Grand prize is a trip for two to an Open Source event anywhere in the
world
http://moblin-contest.org/redirect.php?banner_id=100&url=/
_______________________________________________
mod-security-users mailing list
mod-security-users@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/mod-security-users