Re: [mod-security-users] My variable seems to never expire...

SourceForge Headquarters 1320 Columbia Street Suite 310 San Diego, CA 92101 +1 (858) 422-6466

Hi Mikaël,

On Thu, Sep 17, 2020 at 06:38:58PM +0200, Mikaël Pirio wrote:
> @Ervin Thanks. These rules seems to work:

...

> #
> # If max counter is reached AND it's an API request, deny it
> #
> SecRule SESSION:API_REQ_COUNTER "@gt %{tx.api_req_counter_max}" \
>     "id:5,\
>     deny,\
>     status:429,\
>     log,\
>     msg:'RATELIMITED',\
>     chain"
>     SecRule TX:IS_API_REQ "@eq 1"
> 

it's good to know - thank you!

a.