|
From: Brad Z. <bra...@na...> - 2018-06-20 17:59:32
|
Hey Walter, very cool I see I have a few options with path foo or @endswith /file.. Can I also restrict it by adding an allowed IP CIDR and IP Ex. I want to allow the whole 192.168.1.0/24 and an IP 10.10.100.105? SecRule REMOTE_ADDR "@ipMatch 192.168.1.0/24, 10.10.100.105" or would I need to separate those? Thanks, Brad On 06/20/2018 12:56 PM, Walter Hop wrote: >> Also can the rule instead of just being disabled allow conditions for >> whitelisting, such as, from IP or filename? > > Yes definitely.. You could add a static piece of configuration like: > > <Location "/foo/"> > SecRuleRemoveById 200003 > </Location> > > Or you could add exclusions dynamically if you have more complex conditions: > > SecRule REQUEST_FILENAME "@rx ^/foo/\d+$" \ > "id:12345,phase:1,t:none,nolog,pass,\ > ctl:ruleRemoveById=200003" > > Cheers, > WH > > > > ------------------------------------------------------------------------------ > Check out the vibrant tech community on one of the world's most > engaging tech sites, Slashdot.org! http://sdm.link/slashdot > > > > _______________________________________________ > mod-security-developers mailing list > mod...@li... > https://lists.sourceforge.net/lists/listinfo/mod-security-developers > ModSecurity Services from Trustwave's SpiderLabs: > https://www.trustwave.com/spiderLabs.php > |
