Re: [mod-security-users] SecFilter rule processing questions
Brought to you by:
victorhora,
zimmerletw
Menu
▾
▴
Re: [mod-security-users] SecFilter rule processing questions
|
From: Ivan R. <iv...@we...> - 2003-08-06 10:46:07
|
Brett Dicker wrote:
> Hi,
>
> I've just subscribed so I'm not sure if this has been previously
> discussed.
>
> I've created a set of rules to explicitly allow certain files, e.g.
>
> SecFilter "\.jsp|\.html|\.css|\.js|\.gif|\.jpg" "allow"
> SecFilter "^/$" "allow" # (Still working on this one)
>
> ...
>
> My question is, is the 'allow' action the wrong action for the job and
> I should be using a different action?
The idea you have is a right one but there is a problem
because mod_security has no "allow" action :) There is
"pass" but its effect is not to stop execution on a filter
match (it proceeds with other filters).
I will be dealing with filters and actions extensively in the
forthcoming 1.7 release, and "allow" certainly seems like something
we should have.
But not everything is lost. One way to do what you want
is with this filter:
SecFilterSelective REQUEST_URI "!(\.jsp)|(\.gif)"
* I've used SecFilterSelective to only look at the REQUEST_URI
because that is where the filename is at. This way the filter
is more efficient.
* Note the exclamation mark at the beginning of the
regular expression. It reverses its effect so the filter
will match on those requests that do not satisfy the
expression.
Bye,
Ivan
|
