Re: [mod-security-users] My variable seems to never expire...

SourceForge Headquarters 1320 Columbia Street Suite 310 San Diego, CA 92101 +1 (858) 422-6466

Hi Mikaël,

On Tue, Sep 15, 2020 at 08:29:50PM +0200, Mikaël Pirio wrote:
...

> SecRule REQUEST_URI "^/api/" \
>     "id:400011,\
>     phase:2,\
>     pass,\
>     nolog,\
>     setvar:'session.api_req_counter=+1',\
>     expirevar:'session.api_req_counter=60'"
...

> It works: requests are denied! but they are forever. My
> variable session.api_req_counter is never reseted.

I didn't checked the logic of the rules, but after the quick view
I assume the expirevar has no effect (it's not implemented).

Btw it's documented:

https://github.com/SpiderLabs/ModSecurity/wiki/Reference-Manual-(v2.x)#expirevar

"Supported on libModSecurity: TBI"

a.