I am having troubles with this file: modsecurity_crs_15_customrules.conf
My understanding was all I need to do is to put this file in the directory where modsecurity configuration files are, and that will allow me to submit rules to whitelist.
I run the following to see where I should create the file:
root@zion [/usr/local/apache/conf]# cat httpd.conf |grep mods
Then I check it out:
root@zion [/usr/local/apache/conf]# cat modsec2.conf
LoadModule security2_module modules/mod_security2.so
# "Add the rules that will do exactly the same as the directives"
# SecFilterCheckURLEncoding On
# SecFilterForceByteRange 0 255
SecRule REMOTE_ADDR "^127.0.0.1$" nolog,allow
i can't see modsecurity_crs_15_customrules.conf, but from the documentation it seems all I need to do is to just create the file and enter the exceptions there, without even adding it to the modsec2.conf file.
But it's not working.