Is it possible for a mod_security rule to drop a cookie or an argument
from a request without dropping the entire request?  We're constantly
having to monitor our error_log and add exceptions whenever we or a
3rd party is setting a cookie or an argument that looks suspicious to
the core rules set.

Ideally I'd like to be able to tell mod_security to drop any offending
get or post args or cookies if they look suspicious so that the
request is still handled, but the scary data doesn't end up getting
processed.  Of course I'd want to log this when it happens so that if
the cookie/arg is something that my app cares about I can decide what
needs to happen next.

I'm tired of having to add exceptions every time some new 3rd party
cookie gets set on the domain that has complex characters, or
resembles an injection attack.

-- 
John McGowan
_______________________________________________
Owasp-modsecurity-core-rule-set mailing list
Owasp-modsecurity-core-rule-set@lists.owasp.org
https://lists.owasp.org/mailman/listinfo/owasp-modsecurity-core-rule-set
