Hi,

I am having troubles with this file: modsecurity_crs_15_customrules.conf

My understanding was all I need to do is to put this file in the directory where modsecurity configuration files are, and that will allow me to submit rules to whitelist.

I run the following to see where I should create the file:

===
root@zion [/usr/local/apache/conf]# cat httpd.conf |grep mods
Include "/usr/local/apache/conf/modsec2.conf"
===

Then I check it out:

====
root@zion [/usr/local/apache/conf]# cat modsec2.conf

LoadFile /opt/xml2/lib/libxml2.so
 LoadFile /opt/lua/lib/liblua.so
LoadModule security2_module  modules/mod_security2.so
<IfModule mod_security2.c>
SecRuleEngine On
# See http://www.modsecurity.org/documentation/ModSecurity-Migration-Matrix.pdf
#  "Add the rules that will do exactly the same as the directives"
# SecFilterCheckURLEncoding On
# SecFilterForceByteRange 0 255
SecAuditEngine RelevantOnly
SecAuditLog logs/modsec_audit.log
SecDebugLog logs/modsec_debug_log
SecDebugLogLevel 0
SecDefaultAction "phase:2,deny,log,status:406"

SecRule REMOTE_ADDR "^127.0.0.1$" nolog,allow
Include "/usr/local/apache/conf/modsec2.user.conf"

Include /usr/local/apache/conf/modsec/00_asl_rbl.conf
Include /usr/local/apache/conf/modsec/00_asl_whitelist.conf
Include /usr/local/apache/conf/modsec/05_asl_exclude.conf
Include /usr/local/apache/conf/modsec/05_asl_scanner.conf
Include /usr/local/apache/conf/modsec/10_asl_antimalware.conf
Include /usr/local/apache/conf/modsec/10_asl_rules.conf
Include /usr/local/apache/conf/modsec/20_asl_useragents.conf
Include /usr/local/apache/conf/modsec/30_asl_antimalware.conf
Include /usr/local/apache/conf/modsec/30_asl_antispam.conf
Include /usr/local/apache/conf/modsec/40_asl_apache2-rules.conf
Include /usr/local/apache/conf/modsec/50_asl_rootkits.conf
Include /usr/local/apache/conf/modsec/60_asl_recons.conf
Include /usr/local/apache/conf/modsec/99_asl_exclude.conf
Include /usr/local/apache/conf/modsec/99_asl_jitp.conf
Include /usr/local/apache/conf/modsec/trusted-domains.conf
====

i can't see modsecurity_crs_15_customrules.conf, but from the documentation it seems all I need to do is to just create the file and enter the exceptions there, without even adding it to the modsec2.conf file.

But it's not working. 

Any ideas?