[mod-security-users] Active specifics rules with SecRuleEngine DetectionOnly
Brought to you by:
victorhora,
zimmerletw
Menu
▾
▴
[mod-security-users] Active specifics rules with SecRuleEngine DetectionOnly
|
From: Cristiano G. <cri...@ga...> - 2018-03-21 16:48:20
|
Hi! My platform: - Modsecurity: 2.9.0-1 (from Ubuntu repository) - CRS 3.0 - Apache 2.4.18-2ubuntu3.5 Modsecurity is configured with SecRuleEngine DetectionOnly but I want to activate some rules to block requests. This is my configuration: IncludeOptional /etc/modsecurity/modsecurity.conf (set SecRuleEngine DetectionOnly) IncludeOptional /usr/share/modsecurity-crs/owasp-crs.load └──> Load all CRS 3 IncludeOptional /usr/share/modsecurity-crs/my-rules.load └──> Load my specifics Rules. I want to include in my rules something that activates CRS rules. For example, change rule 920350 to engine=on to block accesses by IP. How to do this? Best regards, Cristiano Galdino cri...@ga... |
