FL370
Reputation: 1
ModSecurity Whitelisting for specific uri
I have set up Apache2 + PHP5 on CentOS 7
Some PHPs of my web application, they accept UUID as GET parameter and this violates the ModSecurity URI pattern.
I want to set up ModSecurity to bypass security checks for specific URIs. How can I do this?
Thanks!
Upvotes: 0
Views: 1044
Answers (1)
azurit
Reputation: 134
You can create an exclusion rule like this:
SecRule REQUEST_FILENAME "@endsWith /dir/script.php" \
"id:1000,\
phase:2,\
pass,\
t:none,\
nolog,\
ctl:ruleRemoveTargetById=932130;ARGS:get_or_post_parameter,\
ctl:ruleRemoveTargetById=941100;ARGS:get_or_post_parameter,\
ctl:ruleRemoveTargetById=932130;ARGS:get_or_post_parameter2"
Set your URI in the first line and, at the end of the rule, add exclusions for pairs of rule ID and GET/POST parameter name (like in the example above). Finally, put rule into file REQUEST-900-EXCLUSION-RULES-BEFORE-CRS.conf .
Upvotes: 0
Related Questions
- ModSecurity Block Multiple URLs with One Rule?
- Allow Mod-Security for request uri
- Disable mod_security by requested URL
- ModSecurity SecRule to exclude an URL from any check
- ModSecurity for URL Whitelisting
- Mod security Block GET request to URI path
- ModSecurity: Whitelist Arguments By Value
- Modsecurity create config file with rules for specific URL
- How to Whitelist an IP Address Using Mod_Security
- Whitelist in .htaccess