Re: [mod-security-users] REQUEST_COOKIES_NAMES:/regex/ does not work
Brought to you by:
victorhora,
zimmerletw
Menu
▾
▴
Re: [mod-security-users] REQUEST_COOKIES_NAMES:/regex/ does not work
|
From: Christian F. <chr...@ne...> - 2018-04-02 21:20:20
|
Hey Robert, On Mon, Apr 02, 2018 at 01:41:30PM -0700, Robert Paprocki wrote: > From > https://github.com/SpiderLabs/ModSecurity/wiki/Reference-Manual-%28v2.x%29#SecRuleUpdateTargetById > : > > Note that is is also possible to use regular expressions in the target > specification: > > SecRuleUpdateTargetById 981172 "!REQUEST_COOKIES:/^appl1_.*/" Now look at that! Glad you checked. I overlooked this after I had made up my mind based on the handbook and then confirmed this with the link above. But either way: If it does not work, then it's of no use. ;( > And there is no meaningful log-level 9 debug information to indicate that > SecRuleUpdateTargetById did anything (im still walking through > https://github.com/SpiderLabs/ModSecurity/blob/72f632e9b6b2e63677cfba7e62a47efb87c90b48/apache2/re.c#L198 > at this point- busy watching the Falcon 9 launch atm ;) ). SecRuleUpdateTargetById does not report much. But SecRule will. Ahoj, Christian -- It is not useful for liberty that we abolish it in order to protect it. --- Wolfgang Thierse, President of the German Parliament |
