[Owasp-modsecurity-core-rule-set] phpmyadmin usage via localhost interface through mod_security
jamuse at gmail.com
Sun Oct 31 04:02:51 EDT 2010
On Sun, Oct 31, 2010 at 12:41 AM, Jason Brooks <jason at mi-squared.com> wrote:
> Does the equivalent string "LOCAL_ADDR" exist? It's the listening
> address of localhost i want to unblock...
The REMOTE_ADDR variable just holds the IP address of the remote
client. In this case, you can probably just use 127.0.0.1.
> Silly question: how do I determine what the various ruleids will be?
Take a look at section K (and H) in the ModSec audit log to see which
rules are stopping traffic. Look for the 'id' directive which contains
the rule's unique ID.
> I think i need to buy the book. :)
FWIW, I highly recommend Ivan's ModSecurity Handbook, well worth the investment.
More information about the Owasp-modsecurity-core-rule-set