Thread: [mod-security-users] Mod security rule for blocking actionOutcome
Brought to you by:
victorhora,
zimmerletw
From: Chintan J. <chintan.jain@NWEA.org> - 2010-12-14 21:39:09
|
I am trying to create a rule to not allow actionOutcome method in Request body and URI. Will this rule work? Any help would be much appreciated. SecRule REQUEST_URI|REQUEST_BODY "actionOutcome" "phase:2,t:none,block,nolog,auditlog,status:501,msg:'Method is not allowed by policy', severity:'2',id:'990032',tag:'POLICY/METHOD_NOT_ALLOWED',setvar:tx.anomaly_score=+5,setvar:tx.policy_score=+1,setvar:tx.%{rule.id}-POLICY/SEAM_METHOD_NOT_ALLOWED-%{matched_var_name}=%{matched_var}" |