mod-security-users

[mod-security-users] Handling different request from different server

[Kwa H. W. <hw...@ye...>]

Hey gurus,

=20

I'm a newbie here using mod_security for my apache version 1.3. =20

=20

I have some problem implementing the rules which send some requires from
my application server containing "^$" in the header request.  Can I
write a rule to allow all requests from some IP while restricting the
rest from sending such request?

=20

Thanks amillion.

wannabe

=20

Re: [mod-security-users] Handling different request from different server

[Ivan R. <iva...@gm...>]

On 5/23/06, Kwa Han Wee <hw...@ye...> wrote:
>
> I have some problem implementing the rules which send some requires from =
my
> application server containing "^$" in the header request.  Can I write a
> rule to allow all requests from some IP while restricting the rest from
> sending such request?

Sure, for example (use as your first rule):

SecFilterSelective REMOTE_ADDR ^127\.0\.0\.01$" nolog,allow

It's in the manual too.

--=20
Ivan Ristic, Technical Director
Thinking Stone, http://www.thinkingstone.com
ModSecurity: Open source Web Application Firewall