Hello all, I am part-way through a bare metal rebuild of my small home server on a Fedora 17 platform. I have always had a problem with ModSec and Squirrelmail. Most of Squirrelmail's functions seem to hit ModSec rules. In the past I have dealt with this by means of a custom rule which I put in modsecurity_localrules.conf which read: SecRule REQUEST_URI "@rx(compose|delete_message|options|move_messages| gpg_pop_init.php)\.php" "pass,ctl:ruleEngine=DetectionOnly" (The URI is usually something like /webmail/src/compose.php)
Now that I am on the latest everything (ModSec 2.2.6, CRS 2.2.5) I wonder if there was a better way of doing this? I am surely not the only person who uses ModSec and Squirrelmail. What is the best way to deal with this? Thanks in advance for any help / suggestions. Mark
signature.asc
Description: This is a digitally signed message part
_______________________________________________ Owasp-modsecurity-core-rule-set mailing list Owasp-modsecurity-core-rule-set@lists.owasp.org https://lists.owasp.org/mailman/listinfo/owasp-modsecurity-core-rule-set
