On Wed, Jun 5, 2013 at 3:25 PM, Aniyan Rajan <aniyan.raj...@gmail.com>wrote:
> > This solution is fine for me. I gave this in apache.conf as follows. But > it is not working (still forbidden). > > Is it Location or LocationMatch ? Thanks. > > Hi Aniyan, If your using a regex like below then use LocationMatch, otherwise if your only matching a specific URI then Location works. The audit log that you posted showed the request was to /iredadmin/login, thus use can use Location and simply remove the trailing / after 'login' in the Location section below. -- - Josh > <IfModule security2_module> > <Location /iredadmin/login/> > SecRuleRemoveById 960010 > </Location> > > Include modsecurity_crs/modsecurity_crs_10_setup.conf > Include modsecurity_crs/activated_rules/*.conf > > </IfModule> > > > _______________________________________________ > Owasp-modsecurity-core-rule-set mailing list > Owasp-modsecurity-core-rule-set@lists.owasp.org > https://lists.owasp.org/mailman/listinfo/owasp-modsecurity-core-rule-set > >
_______________________________________________ Owasp-modsecurity-core-rule-set mailing list Owasp-modsecurity-core-rule-set@lists.owasp.org https://lists.owasp.org/mailman/listinfo/owasp-modsecurity-core-rule-set
