Re: [mod-security-users] REQUEST_COOKIES_NAMES:/regex/ does not work

SourceForge Headquarters 1320 Columbia Street Suite 310 San Diego, CA 92101 +1 (858) 422-6466

On Mon, Apr 02, 2018 at 03:03:42PM -0700, Robert Paprocki wrote:
> Right, so the reason SecRuleUpdateTargetById wasn't working was because it
> was listed in the config file before my rule definition. It's gotta live
> *after*. (ref: https://github.com/SpiderLabs/owasp-modsecurity-
> crs/blob/v3.0/master/rules/REQUEST-900-EXCLUSION-RULES-
> BEFORE-CRS.conf.example#L43)

Note to self: Don't attend 2-hour CRS community chat and then try to respond
to questions on mailinglist quickly before going to bed.

Christian

-- 
Orwell never meant 1984 as a blueprint!
-- Comment found on Bruce Schneier's blog