|
From: Brad Z. <bra...@na...> - 2018-06-20 18:36:52
|
Nevermind found I can just chain them. Thanks for leading "this" horse to water. -Brad On 06/20/2018 01:59 PM, Brad Zynda wrote: > Hey Walter, > > very cool > > I see I have a few options with path foo or @endswith /file.. > > Can I also restrict it by adding an allowed IP CIDR and IP > > Ex. > > I want to allow the whole 192.168.1.0/24 and an IP 10.10.100.105? > > SecRule REMOTE_ADDR "@ipMatch 192.168.1.0/24, 10.10.100.105" or would I > need to separate those? > > Thanks, > Brad > > > > On 06/20/2018 12:56 PM, Walter Hop wrote: >>> Also can the rule instead of just being disabled allow conditions for >>> whitelisting, such as, from IP or filename? >> >> Yes definitely.. You could add a static piece of configuration like: >> >> <Location "/foo/"> >> SecRuleRemoveById 200003 >> </Location> >> >> Or you could add exclusions dynamically if you have more complex conditions: >> >> SecRule REQUEST_FILENAME "@rx ^/foo/\d+$" \ >> "id:12345,phase:1,t:none,nolog,pass,\ >> ctl:ruleRemoveById=200003" >> >> Cheers, >> WH >> >> >> >> ------------------------------------------------------------------------------ >> Check out the vibrant tech community on one of the world's most >> engaging tech sites, Slashdot.org! http://sdm.link/slashdot >> >> >> >> _______________________________________________ >> mod-security-developers mailing list >> mod...@li... >> https://lists.sourceforge.net/lists/listinfo/mod-security-developers >> ModSecurity Services from Trustwave's SpiderLabs: >> https://www.trustwave.com/spiderLabs.php >> > > ------------------------------------------------------------------------------ > Check out the vibrant tech community on one of the world's most > engaging tech sites, Slashdot.org! http://sdm.link/slashdot > _______________________________________________ > mod-security-developers mailing list > mod...@li... > https://lists.sourceforge.net/lists/listinfo/mod-security-developers > ModSecurity Services from Trustwave's SpiderLabs: > https://www.trustwave.com/spiderLabs.php > |
