Re: [mod-security-users] Conditional SecRuleRemoveById
Brought to you by:
victorhora,
zimmerletw
Menu
▾
▴
Re: [mod-security-users] Conditional SecRuleRemoveById
|
From: Christian F. <chr...@ne...> - 2017-12-19 07:12:40
|
Hey Ed, Sorry, this won't work. Reason being SecRuleRemoveById is a startup / config time directive. It removes the rule from the list of rules at the startup of the server. The directive is not evaluated during the handling of the requests. What you want is to apply the exclusion conditionally at runtime. That's what the ctl:ruleRemoveById action (and friends) are here for. The details are described in a certain detail in my tutorial at https://www.netnea.com/cms/apache-tutorial-7_including-modsecurity-core-rules/ in step 7 and 8. Plus a handy cheatsheet near the end of the guide. Hope this helps. Christian On Mon, Dec 18, 2017 at 06:06:02PM +0000, Ed Greenberg wrote: > I'm trying to remove a rule for only one page. > > Does this look correct? > > <Directory "/var/www/html/assistancecheck"> > > <Files "sendddocument.php"> > > SecRuleRemoveById 210220 > > SecRuleRemoveById 210240 > > </Files> > > </Directory> > > When I make it unconditional, it works. > > Thanks > > -- > > Ed Greenberg | Web Developer and LInux System Administrator > __________________________________________________________________ > > HAPPY Software, Inc. l Work HAPPY-er! > t. 888-484-2779 l f. 518-584-5388 > This message and any of its attachments are intended only for the use > of the designated recipient, or the recipient’s designee, and may > contain information that is confidential or privileged. If you are not > the intended recipient, please immediately notify HAPPY Software, Inc., > delete all copies of the message and any attachments and do not > disseminate or make any use of their contents. > ------------------------------------------------------------------------------ > Check out the vibrant tech community on one of the world's most > engaging tech sites, Slashdot.org! http://sdm.link/slashdot > _______________________________________________ > mod-security-users mailing list > mod...@li... > https://lists.sourceforge.net/lists/listinfo/mod-security-users > Commercial ModSecurity Rules and Support from Trustwave's SpiderLabs: > http://www.modsecurity.org/projects/commercial/rules/ > http://www.modsecurity.org/projects/commercial/support/ -- https://www.feistyduck.com/training/modsecurity-training-course https://www.feistyduck.com/books/modsecurity-handbook/ mailto:chr...@ne... twitter: @ChrFolini |
