禁用bridge.php脚本的mod_security
[英]disable mod_security for a bridge.php script
问题描述
I want to use a regex pattern to disable mod_security of Apache for 2 scripts: bridge.php and mobile-bridge.php . 
我想使用正则表达式模式来禁用Apache的mod_security 2个脚本: bridge.php和mobile-bridge.php 。
I think I can do it in a file named mod_security_whitelist.conf inside the configuration folder /etc/httpd/httpd/conf.d : 我想我可以在配置文件夹/etc/httpd/httpd/conf.d名为mod_security_whitelist.conf的文件中执行此操作:
[ Please correct me if I am wrong somewhere ] [如果我错了,请纠正我]
<IfModule mod_security2.c>
# ModSecurity disabled for bridge.php and mobile-bridge.php scripts
<DirectoryMatch "/home/websitename/public_html">
<Files "([a-z],-)*bridge\.php$">
SecRuleEngine Off
</Files>
</DirectoryMatch>
</IfModule>
1 个解决方案
解决方案1
2 已采纳 2014-03-29 16:47:47
If you know the files are in a specific location—such as right at the first path of the URL—then use something like LocationMatch : 如果您知道文件位于特定位置(例如在URL的第一个路径右侧),那么请使用类似LocationMatch :
<IfModule mod_security2.c>
<LocationMatch /(mobile-bridge.php|bridge.php)>
SecRuleEngine Off
</LocationMatch>
</IfModule>
But there is a nice equivalent of that for files called FilesMatch that should work as well: 但是对于名为FilesMatch文件来说,还有一个相当不错的功能:
<IfModule mod_security2.c>
<FilesMatch (mobile-bridge.php|bridge.php)>
SecRuleEngine Off
</FilesMatch >
</IfModule>
Or perhaps it would work like this: 或者它可能会像这样工作:
<IfModule mod_security2.c>
<FilesMatch "([a-z],-)*bridge\.php$">
SecRuleEngine Off
</FilesMatch >
</IfModule>
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.