stackoom
  简体   繁体   中英

ModSecurity Whitelisting for specific uri

 原文  2021-12-03 06:46:11       php/ apache/ security/ centos

Question

I have set up Apache2 + PHP5 on CentOS 7

Some PHPs of my web application, they accept UUID as GET parameter and this violates the ModSecurity URI pattern.

I want to set up ModSecurity to bypass security checks for specific URIs. How can I do this?

Thanks!

1 answers

solution1
 0  2021-12-03 07:25:33

You can create an exclusion rule like this:

SecRule REQUEST_FILENAME "@endsWith /dir/script.php" \
    "id:1000,\
    phase:2,\
    pass,\
    t:none,\
    nolog,\
    ctl:ruleRemoveTargetById=932130;ARGS:get_or_post_parameter,\
    ctl:ruleRemoveTargetById=941100;ARGS:get_or_post_parameter,\
    ctl:ruleRemoveTargetById=932130;ARGS:get_or_post_parameter2"

Set your URI in the first line and, at the end of the rule, add exclusions for pairs of rule ID and GET/POST parameter name (like in the example above). Finally, put rule into file REQUEST-900-EXCLUSION-RULES-BEFORE-CRS.conf.

暂无
暂无

The technical post webpages of this site follow the CC BY-SA 4.0 protocol. If you need to reprint, please indicate the site URL or the original address.Any question please contact:yoyou2525@163.com.

Related Question Route URI to a specific folder in CakePHP .htaccess and Apache ModSecurity problem with modsecurity in ajax - litespeed PUT Method Restriction with ModSecurity Remove specific variable from URI string How to route URI with a specific Method in CodeIgniter how to make .htaccess ignore specific uri part Is this proper sanitization and whitelisting in PHP How to redirect in .htaccess for specific pattern URI Send specific request uri to subdirectory using htaccess
Related Tags
 
粤ICP备18138465号  © 2020-2024 STACKOOM.COM