I'm pretty new to mod_security and have run into my first issue. I am
using mod_security 1.9.x and apache 1.3.x. I am using a fairly simple
ruleset that has been doing the job without over-taxing my server. I
have recently installed the newest version of a popular CMS and am
now getting my first false positive.
The URL that is triggering the positive is in the form of...
... though there will be variations on this
The rule that is causing the false positive is pretty broad and is...
SecFilterSelective THE_REQUEST "&command="
I tried adding the following near the bottom of my ruleset to see if
it would act as an exclusion, with no luck
# phpwebsite v 1.x exclusion
SecFilterSelective THE_REQUEST "&command=" pass,nolog
Any suggestions as to how I might be best to proceed?
Get latest updates about Open Source Projects, Conferences and News.