Re: [mod-security-users] disable mod_security per REMOTE_ADDR

SourceForge Headquarters 1320 Columbia Street Suite 310 San Diego, CA 92101 +1 (858) 422-6466

Ryan Barnett wrote:
> OK, well then you should be able to place a new filter at the top of 
> your rules file to tell mod_security to allow all requests from that 
> specific IP by changing the default action to "allow" -
>  
> SecFilterSelective REMOTE_ADDR 192.168.1.100 allow

   That's better written as ^192\.168\.1\.100$

> See the user manual (pg. 21) - 
> http://www.modsecurity.org/documentation/modsecurity-manual.pdf

   But that's not the same as SecFilterEngine Off. The default
   processing would still go on, as would POST buffering. Perhaps
   another variable, to conditionally stop mod_security
   execution (to be used together with SetEnvIf) is in order?

   I'll give it a try tomorrow.

-- 
Ivan Ristic
Apache Security (O'Reilly) - http://www.apachesecurity.net
Open source web application firewall - http://www.modsecurity.org