[Owasp-modsecurity-core-rule-set] phpmyadmin usage via localhost interface through mod_security

Jamuse jamuse at gmail.com
Sun Oct 31 04:02:51 EDT 2010


On Sun, Oct 31, 2010 at 12:41 AM, Jason Brooks <jason at mi-squared.com> wrote:

> Does the equivalent string "LOCAL_ADDR" exist?  It's the listening
> address of localhost i want to unblock...
>

Hi Jason,

The REMOTE_ADDR variable just holds the IP address of the remote
client. In this case, you can probably just use 127.0.0.1.

>
> Silly question: how do I determine what the various ruleids will be?

Take a look at section K (and H) in the ModSec audit log to see which
rules are stopping traffic. Look for the 'id' directive which contains
the rule's unique ID.


>
> I think i need to buy the book.   :)

FWIW, I highly recommend Ivan's ModSecurity Handbook, well worth the investment.

--
 - Josh


More information about the Owasp-modsecurity-core-rule-set mailing list