On Wed, Sep 5, 2012 at 3:00 PM, Leonardo Bacha Abrantes < leona...@lbasolutions.com> wrote:
> Hey guys, good morning! > > I need to create a rule to allow access to update.php to an specific ip. I > created the rules but I couldn't put them togheter. > I didn't use removerulebyid because the rule will totatlly ignored by > modsecurity. > > > SecRule REQUEST_URI "^/update.php" > id:1,phase:1,log,allow,ctl:ruleEngine=off > SecRule REMOTE_ADDR "^192.168.1.10" > id:2,phase:1,log,allow,ctl:ruleEngine=off > Hi Leonardo, Take a look at the chain action: http://sourceforge.net/apps/mediawiki/mod-security/index.php?title=Reference_Manual#chain Something like the following should work (not tested): SecRule REQUEST_URI "^/update.php" id:1,phase:1,log,allow,chain,ctl:ruleEngine=off SecRule REMOTE_ADDR "^192.168.1.10" -- - Josh > In case above, or I allow everything to ip 192.168.1.10 or everyone can > access update.php, so, I tried it: > > > SecRule REMOTE_ADDR|REQUEST_URI "^192.168.1.10" "^/update.php" > id:1,phase:1,log,allow,ctl:ruleEngine=off > > I also tried: > > SecRule REMOTE_ADDR|REQUEST_URI "^192.168.1.10" "^/update.php" > id:1,phase:1,log,allow,ctl:ruleEngine=off > "phase:2,log,allow,ctl:ruleEngine=off" > > in both case fail. How can I do that ? > > > > many thanks!! > > _______________________________________________ > Owasp-modsecurity-core-rule-set mailing list > Owasp-modsecurity-core-rule-set@lists.owasp.org > https://lists.owasp.org/mailman/listinfo/owasp-modsecurity-core-rule-set > >
_______________________________________________ Owasp-modsecurity-core-rule-set mailing list Owasp-modsecurity-core-rule-set@lists.owasp.org https://lists.owasp.org/mailman/listinfo/owasp-modsecurity-core-rule-set
