Thread: [mod-security-users] Bypass a form element from modsecurity
Brought to you by:
victorhora,
zimmerletw
From: Sushant V. <sve...@jn...> - 2013-05-23 23:01:47
|
Is there a way where a particular form element can be bypassed from modsecurity ruleset? |
From: Reindl H. <h.r...@th...> - 2013-05-23 23:51:33
Attachments:
signature.asc
|
Am 24.05.2013 01:01, schrieb Sushant Vengurlekar: > Is there a way where a particular form element can be bypassed from > modsecurity ruleset? SecRuleUpdateTargetById <ruleid> !ARGS:password _____________________ you need to place this after your rules! modsec would trigger my CMS passwords as XSS/SQL-Injection :-) |