[mod-security-users] Cookie with whitespace in name as target
Brought to you by:
victorhora,
zimmerletw
Menu
▾
▴
[mod-security-users] Cookie with whitespace in name as target
|
From: Anant M. <amu...@pa...> - 2025-07-28 23:19:01
|
Hello, I need to write a SecRule with a particular HTTP cookie as the target to be removed by a ctl:ruleRemoveTargetByTag. However, the cookie name has a whitespaces, so a rule like this throws an error: SecRule ... "id:1000, phase:2, pass, ctl:ruleRemoveTargetByTag=attack-rce;REQUEST_COOKIES:name with space ..." I've tried the below options but these didn't work either: SecRule ... "id:1000, phase:2, pass, ctl:ruleRemoveTargetByTag=attack-rce;REQUEST_COOKIES:'name with space' ..." SecRule ... "id:1000, phase:2, pass, ctl:ruleRemoveTargetByTag=attack-rce;REQUEST_COOKIES:name\ with\ space ..." Is it possible to do this? Thanks, Anant |
