Hey guys, good morning! I need to create a rule to allow access to update.php to an specific ip. I created the rules but I couldn't put them togheter. I didn't use removerulebyid because the rule will totatlly ignored by modsecurity.
SecRule REQUEST_URI "^/update.php" id:1,phase:1,log,allow,ctl:ruleEngine=off SecRule REMOTE_ADDR "^192.168.1.10" id:2,phase:1,log,allow,ctl:ruleEngine=off In case above, or I allow everything to ip 192.168.1.10 or everyone can access update.php, so, I tried it: SecRule REMOTE_ADDR|REQUEST_URI "^192.168.1.10" "^/update.php" id:1,phase:1,log,allow,ctl:ruleEngine=off I also tried: SecRule REMOTE_ADDR|REQUEST_URI "^192.168.1.10" "^/update.php" id:1,phase:1,log,allow,ctl:ruleEngine=off "phase:2,log,allow,ctl:ruleEngine=off" in both case fail. How can I do that ? many thanks!!
_______________________________________________ Owasp-modsecurity-core-rule-set mailing list Owasp-modsecurity-core-rule-set@lists.owasp.org https://lists.owasp.org/mailman/listinfo/owasp-modsecurity-core-rule-set
