I have created the following rule to block a known web application
vulnerability scan (getting TONS of these lately from what looks like
bot nets) :
# This rule stops scans for a known web calendar vulnerability
SecRule REQUEST_URI "tools/send_reminders\.php" "phase:1,deny,nolog"
It does not seem to be working though as I still get this showing up in
1 990011 NOTICE (5) Request Indicates an automated program explored
the site Warning. Match of "rx ^apache.*perl" against
What am I doing wrong?