[Owasp-modsecurity-core-rule-set] Practical ways to disable a rule aside from commenting it.

Dimitri Syuoul dsyuoul at gmail.com
Mon Jan 11 16:45:34 EST 2010


Due to the nature of the HTML forms indeed there is legitimate
parameters of the same name in the form that users POST to, and
modsecurity is blocking this with a forbidden page.

My question is, aside from simply commenting the rule in question in
modsecurity_crs_40_generic_attacks.conf  is there a more practical way
to disable this rule?



More information about the Owasp-modsecurity-core-rule-set mailing list