>From the documents:
It is highly encouraged that you do not edit the Core rules files
themselves but rather place all
changes (such as SecRuleRemoveByID, etc...) in your custom rules file
Thus i create a file modsecurity_crs_15_customrules.conf and try to remove
a rule that cause blocking.
But it don't work:
Example Usage: SecRuleRemoveByID 1 2 "9000-9010"
Example Usage: SecRuleRemoveByMsg "FAIL"
if i want to block rule:
SecRule REQUEST_METHOD "^(?:GET|HEAD)$"
"chain,phase:2,t:none,block,nolog,auditlog,status:400,msg:'GET or HEAD
requests with bodies',
SecRule REQUEST_HEADERS:Content-Length "!^0?$"
then i wrote this in modsecurity_crs_15_customrules.conf and place in
SecRuleRemoveByMsg "GET or HEAD requests with bodies"
is it correct?
This e-mail is intended solely for the addressee. If you have received
this e-mail in error, please notify the sender by reply e-mail and
immediately delete it from your system.
Get latest updates about Open Source Projects, Conferences and News.