On Sat, Jun 8, 2013 at 5:04 AM, Aniyan Rajan <aniyan.raj...@gmail.com>wrote:

> Hello,
>
> I have added the following to modsecurity_crs_55_marketing.conf. Is this
> okay ? Or is there any conventional method to block more bots ?
>
> SecRule REQUEST_HEADERS:User-Agent "bing(?:bot|ptc)" \
>         "phase:2,rev:'2.2.5',t:none,t:lowercase,block,msg:'Bing robot
> activity',id:'910009',severity:'6'\
> "
>
>
Hi Aniyan,

My comment before about not directly editing the CRS rules was mainly
because when you upgrade the rules you'll need to remember all the changes
you made and edit/update the new version as well. While there are several
ways to handle custom rules, I personally use a rules.conf file from which
my custom and CRS rules are included. Another note, you may want to assign
your custom rules an ID between 1-99,999 to avoid potential (future)
clashes with CRS rules.

--
 - Josh

Thanks.
>
>
> On Fri, Jun 7, 2013 at 5:01 PM, Aniyan Rajan <aniyan.raj...@gmail.com>wrote:
>
>> Hello,
>>
>> How can I block the Bing Bots that I am finding in my access.log ? I can
>> find some Bots Blocking in modsecurity_crs_55_marketing.conf. I thought of
>> editing it, but the previous reply from the mailing-list says that "Editing
>> the CRS rules directly is not recommended as it makes upgrading the
>> rules much harder". Please advise.
>>
>> Thanks.
>>
>
>
> _______________________________________________
> Owasp-modsecurity-core-rule-set mailing list
> Owasp-modsecurity-core-rule-set@lists.owasp.org
> https://lists.owasp.org/mailman/listinfo/owasp-modsecurity-core-rule-set
>
>
_______________________________________________
Owasp-modsecurity-core-rule-set mailing list
Owasp-modsecurity-core-rule-set@lists.owasp.org
https://lists.owasp.org/mailman/listinfo/owasp-modsecurity-core-rule-set

Reply via email to