Re: [mod-security-users] Conditional SecRuleRemoveById
Brought to you by:
victorhora,
zimmerletw
Menu
▾
▴
Re: [mod-security-users] Conditional SecRuleRemoveById
|
From: Christian F. <chr...@ne...> - 2017-12-19 08:01:14
|
Marks, Seriously, this works? Awesome. I never do Locations but maybe that's a mistake. Thanks for correcting me. Christian On Tue, Dec 19, 2017 at 08:19:14AM +0100, Marc Stern wrote: > The following works: > <Location /assistancecheck/sendddocument.php> > SecRuleRemoveById 210220 > SecRuleRemoveById 210240 > </Location> > > This is because a separate context is built for each location at config time > > On 19-12-17 08:12, Christian Folini wrote: > > Hey Ed, > > > > Sorry, this won't work. > > > > Reason being SecRuleRemoveById is a startup / config time directive. It > > removes the rule from the list of rules at the startup of the server. > > The directive is not evaluated during the handling of the requests. > > > > What you want is to apply the exclusion conditionally at runtime. That's what > > the ctl:ruleRemoveById action (and friends) are here for. > > > > The details are described in a certain detail in my tutorial at > > https://www.netnea.com/cms/apache-tutorial-7_including-modsecurity-core-rules/ > > in step 7 and 8. Plus a handy cheatsheet near the end of the guide. > > > > Hope this helps. > > > > Christian > > > > > > On Mon, Dec 18, 2017 at 06:06:02PM +0000, Ed Greenberg wrote: > > > I'm trying to remove a rule for only one page. > > > > > > Does this look correct? > > > > > > <Directory "/var/www/html/assistancecheck"> > > > > > > <Files "sendddocument.php"> > > > > > > SecRuleRemoveById 210220 > > > > > > SecRuleRemoveById 210240 > > > > > > </Files> > > > > > > </Directory> > > > > > > When I make it unconditional, it works. > > > > > > Thanks > > > > > > -- > > > > > > Ed Greenberg | Web Developer and LInux System Administrator > > > __________________________________________________________________ > > > > > > HAPPY Software, Inc. l Work HAPPY-er! > > > t. 888-484-2779 l f. 518-584-5388 > > > This message and any of its attachments are intended only for the use > > > of the designated recipient, or the recipient’s designee, and may > > > contain information that is confidential or privileged. If you are not > > > the intended recipient, please immediately notify HAPPY Software, Inc., > > > delete all copies of the message and any attachments and do not > > > disseminate or make any use of their contents. > > > ------------------------------------------------------------------------------ > > > Check out the vibrant tech community on one of the world's most > > > engaging tech sites, Slashdot.org! http://sdm.link/slashdot > > > _______________________________________________ > > > mod-security-users mailing list > > > mod...@li... > > > https://lists.sourceforge.net/lists/listinfo/mod-security-users > > > Commercial ModSecurity Rules and Support from Trustwave's SpiderLabs: > > > http://www.modsecurity.org/projects/commercial/rules/ > > > http://www.modsecurity.org/projects/commercial/support/ > > > > > ------------------------------------------------------------------------------ > Check out the vibrant tech community on one of the world's most > engaging tech sites, Slashdot.org! http://sdm.link/slashdot > _______________________________________________ > mod-security-users mailing list > mod...@li... > https://lists.sourceforge.net/lists/listinfo/mod-security-users > Commercial ModSecurity Rules and Support from Trustwave's SpiderLabs: > http://www.modsecurity.org/projects/commercial/rules/ > http://www.modsecurity.org/projects/commercial/support/ -- https://www.feistyduck.com/training/modsecurity-training-course https://www.feistyduck.com/books/modsecurity-handbook/ mailto:chr...@ne... twitter: @ChrFolini |
