Search found 4 matches
- 31 Jul 2017, 17:26
- Forum: Suggestions (cmc)
- Topic: Rule doesn't always apply due to <LocationMatch .*>
- Replies: 7
- Views: 21311
Re: Rule doesn't always apply due to <LocationMatch .*>
Saw the update today to address this, many thanks for the fix!
- 27 Jul 2017, 17:45
- Forum: Suggestions (cmc)
- Topic: Rule doesn't always apply due to <LocationMatch .*>
- Replies: 7
- Views: 21311
Re: Rule doesn't always apply due to <LocationMatch .*>
Looks like we'll have to implement both as sometimes you need LocationMatch and others not it seems. So: <IfModule mod_security2.c> SecRuleRemoveById 1010105 <LocationMatch .*> SecRuleRemoveById 1010105 </LocationMatch> </IfModule> I have the impression that LocationMatch isn't really used by any o...
- 27 Jul 2017, 16:43
- Forum: Suggestions (cmc)
- Topic: Rule doesn't always apply due to <LocationMatch .*>
- Replies: 7
- Views: 21311
Re: Rule doesn't always apply due to <LocationMatch .*>
I'm having the exact same issue. I'm using cPanel, EasyApache 4 and ModSecurity 2.9.0. I'll add an example so this can be better solved. Take this custom rule: <LocationMatch "/xmlrpc\.php"> SecRule REQUEST_METHOD "@streq POST" "id:1010105,msg:'CUSTOM: XML Pingback',phase:2,...
- 29 Dec 2014, 16:03
- Forum: General Discussion (csf)
- Topic: mod_sec violations not being blocked
- Replies: 3
- Views: 6186
Re: mod_sec violations not being blocked
I have the same "problem" with this exact same rule. Can someone shine some light on this why certain rules trigger a block and others not? What is missing here in order for CSF to block this?