Re: [mod-security-users] disable mod_security per REMOTE_ADDR
Brought to you by:
victorhora,
zimmerletw
Menu
▾
▴
Re: [mod-security-users] disable mod_security per REMOTE_ADDR
|
From: Ivan R. <iv...@we...> - 2005-09-08 08:30:04
|
Achim Hoffmann wrote: > for testing a live platform I need to disable mod_security. > I know that SecFilterSelective can be triggered on REMOTE_ADDR, but I'm > unshure if it can > be used to disable *all* tests for a specific IP without changing all > rules from > SecFilter to SecFilterSelective. The code in the CVS is now capable of dynamically enabling or disabling mod_security per request. It uses the MODSEC_ENABLE environment variable. If the variable exists it will override the SecFilterEngine directive. The parameters are the same (ie On, Off, DynamicOnly). Example: SetEnvIfNoCase Remote_Addr ^192\.168\.2\.12$ \ "MODSEC_ENABLE=Off" -- Ivan Ristic Apache Security (O'Reilly) - http://www.apachesecurity.net Open source web application firewall - http://www.modsecurity.org |
