Re: [mod-security-users] Conditional SecRuleRemoveById
Brought to you by:
victorhora,
zimmerletw
Menu
▾
▴
Re: [mod-security-users] Conditional SecRuleRemoveById
|
From: Marc S. <mar...@ap...> - 2017-12-19 07:53:20
|
The following works: <Location /assistancecheck/sendddocument.php> SecRuleRemoveById 210220 SecRuleRemoveById 210240 </Location> This is because a separate context is built for each location at config time On 19-12-17 08:12, Christian Folini wrote: > Hey Ed, > > Sorry, this won't work. > > Reason being SecRuleRemoveById is a startup / config time directive. It > removes the rule from the list of rules at the startup of the server. > The directive is not evaluated during the handling of the requests. > > What you want is to apply the exclusion conditionally at runtime. That's what > the ctl:ruleRemoveById action (and friends) are here for. > > The details are described in a certain detail in my tutorial at > https://www.netnea.com/cms/apache-tutorial-7_including-modsecurity-core-rules/ > in step 7 and 8. Plus a handy cheatsheet near the end of the guide. > > Hope this helps. > > Christian > > > On Mon, Dec 18, 2017 at 06:06:02PM +0000, Ed Greenberg wrote: >> I'm trying to remove a rule for only one page. >> >> Does this look correct? >> >> <Directory "/var/www/html/assistancecheck"> >> >> <Files "sendddocument.php"> >> >> SecRuleRemoveById 210220 >> >> SecRuleRemoveById 210240 >> >> </Files> >> >> </Directory> >> >> When I make it unconditional, it works. >> >> Thanks >> >> -- >> >> Ed Greenberg | Web Developer and LInux System Administrator >> __________________________________________________________________ >> >> HAPPY Software, Inc. l Work HAPPY-er! >> t. 888-484-2779 l f. 518-584-5388 >> This message and any of its attachments are intended only for the use >> of the designated recipient, or the recipient’s designee, and may >> contain information that is confidential or privileged. If you are not >> the intended recipient, please immediately notify HAPPY Software, Inc., >> delete all copies of the message and any attachments and do not >> disseminate or make any use of their contents. >> ------------------------------------------------------------------------------ >> Check out the vibrant tech community on one of the world's most >> engaging tech sites, Slashdot.org! http://sdm.link/slashdot >> _______________________________________________ >> mod-security-users mailing list >> mod...@li... >> https://lists.sourceforge.net/lists/listinfo/mod-security-users >> Commercial ModSecurity Rules and Support from Trustwave's SpiderLabs: >> http://www.modsecurity.org/projects/commercial/rules/ >> http://www.modsecurity.org/projects/commercial/support/ > |
