[Owasp-modsecurity-core-rule-set] phpmyadmin usage via localhost interface through mod_security
jason at mi-squared.com
Sat Oct 30 18:41:08 EDT 2010
First, thank you for your reply.
> There are a couple of ways to handle this, but here's one example that
> disables both the rule and audit engine for a specific IP:
> SecRule REMOTE_ADDR "@streq xxx.xxx.xxx.xxx" "phase:1,nolog,allow, \
Does the equivalent string "LOCAL_ADDR" exist? It's the listening
address of localhost i want to unblock...
>> 2) how to enable/disable some or all of CRS based on the request url,
>> or the request path.
> To disable some of the rules based on URI you can use something like:
> <LocationMatch /phpmyadmin/>
> SecRuleRemoveById 900000-900010
> SecRuleRemoveById 999999
Silly question: how do I determine what the various ruleids will be?
> another variant could be:
> SecRule REQUEST_URI phpmyadmin "phase:2,t:none,t:lowercase,nolog, \
> - Josh
I think i need to buy the book. :)
More information about the Owasp-modsecurity-core-rule-set