Re: [mod-security-users] NGINX Disable Rule
Brought to you by:
victorhora,
zimmerletw
Menu
▾
▴
Re: [mod-security-users] NGINX Disable Rule
|
From: Robert P. <rpa...@fe...> - 2015-06-05 16:36:24
|
Yes, ³SecRuleRemoveById is not a valid nginx config directive in any context. It is a modsecurity directive, which will live in items own config file. > On Jun 5, 2015, at 4:45, Phil Daws <ux...@sp...> wrote: > > Hello Felipe: > > So I assume by that the directive is not understood at location/and or vhost level ? > > Thanks, Phil > > ----- On 5 Jun, 2015, at 12:29, Felipe Costa FC...@tr... wrote: > >> Hi Phil, >> >> Please use ³SecRuleRemoveById" inside the file pointed by >> ³ModSecurityConfig² directive in your nginx configuration. >> >> >> Br, >> Felipe ³Zimmerle² Costa >> Security Researcher, SpiderLabs >> >> Trustwave | SMART SECURITY ON DEMAND >> www.trustwave.com <http://www.trustwave.com/> >> >> >> >> >> >> >>> On 6/5/15, 4:43 AM, "Phil Daws" <ux...@sp...> wrote: >>> >>> Hello all, >>> >>> Am trying to disable a rule using: >>> >>> SecRuleRemoveById 341245; >>> >>> in NGINX 1.9 with ModSec 2.9 and when I execute nginx -t -c >>> /etc/nginx.conf am receiving: >>> >>> nginx: [emerg] unknown directive "SecRuleRemoveById" in .... >>> >>> That would suggest ModSec is not loading but it is blocking URIs ?? >>> >>> Thanks, Phil >>> >>> (null) >>> >>> -------------------------------------------------------------------------- >>> ---- >>> _______________________________________________ >>> mod-security-users mailing list >>> mod...@li... >>> http://scanmail.trustwave.com/?c=4062&d=lNXx1cNByLrpUiAuL4cPX6nGun1zWeVlJ6 >>> gPc2MhnA&s=5&u=https%3a%2f%2flists%2esourceforge%2enet%2flists%2flistinfo% >>> 2fmod-security-users >>> Commercial ModSecurity Rules and Support from Trustwave's SpiderLabs: >>> http://scanmail.trustwave.com/?c=4062&d=lNXx1cNByLrpUiAuL4cPX6nGun1zWeVlJ_ >>> pdJzp1mA&s=5&u=http%3a%2f%2fwww%2emodsecurity%2eorg%2fprojects%2fcommercia >>> l%2frules%2f >>> http://scanmail.trustwave.com/?c=4062&d=lNXx1cNByLrpUiAuL4cPX6nGun1zWeVlJ_ >>> tZdTYhzQ&s=5&u=http%3a%2f%2fwww%2emodsecurity%2eorg%2fprojects%2fcommercia >>> l%2fsupport%2f >> >> >> ________________________________ >> >> This transmission may contain information that is privileged, confidential, >> and/or exempt from disclosure under applicable law. If you are not the intended >> recipient, you are hereby notified that any disclosure, copying, distribution, >> or use of the information contained herein (including any reliance thereon) is >> strictly prohibited. If you received this transmission in error, please >> immediately contact the sender and destroy the material in its entirety, >> whether in electronic or hard copy format. > > (null) > > ------------------------------------------------------------------------------ > _______________________________________________ > mod-security-users mailing list > mod...@li... > https://lists.sourceforge.net/lists/listinfo/mod-security-users > Commercial ModSecurity Rules and Support from Trustwave's SpiderLabs: > http://www.modsecurity.org/projects/commercial/rules/ > http://www.modsecurity.org/projects/commercial/support/ |
