Re: [Owasp-modsecurity-core-rule-set] Unable to remove rule 960012 with SecRuleRemoveById

Tue, 12 Nov 2013 19:49:06 -0800 

Hey Dietrich,

If you want to get rid of the rule altogether (not just whitelist certain URLs 
against it), you won’t actually need that LocationMatch section. I believe this 
should work:

  <IfModule mod_security2.c>
      SecRuleRemoveById 960012
 </IfModule>

What it looks like was actually causing it not to work was that, because 
LocationMatch uses regular expressions, you would want to use “/.*” instead of 
“/*” to match every URL (again, the LocationMatch is redundant if you’re 
looking to disable the rule for every URL anyways =] ):

<LocationMatch /.* >
  <IfModule mod_security2.c>
      SecRuleRemoveById 960012
 </IfModule>
</LocationMatch>

On Nov 12, 2013, at 11:55 AM, Dietrich Streifert 
<dietrich.streif...@googlemail.com> wrote:

> I'm trying create a setup for a subversion dav over http server. I've 
> successfully managed to enable the needed content-type 'application/vnd.svn*' 
> and the request methods like PROPFIND etc.
> 
> While trying to commit to the repositories which are served vi the above 
> setup, I'm getting a rule violation against rule id "960012" in 
> modsecurity_crs_20_protocol_violations.conf, line 312, which is caused by the 
> javahl svn client of eclipse.
> 
> I've tried to disable the rule via
> 
> <LocationMatch /* >
>   <IfModule mod_security2.c>
>       SecRuleRemoveById 960012
>  </IfModule>
> </LocationMatch>
> with no success.
> 
> I've seen in line 312 of modsecurity_crs_20_protocol_violations.conf that 
> rule id 960012 has a chained rule which has no rule id.
> 
> Would I need to also disable the chained rule, which of course, I can't do 
> because of the missing rule id?
> 
> Is this a bug or a newbies common mistake?
> 
> Regards
> Dietrich
> _______________________________________________
> Owasp-modsecurity-core-rule-set mailing list
> Owasp-modsecurity-core-rule-set@lists.owasp.org
> https://lists.owasp.org/mailman/listinfo/owasp-modsecurity-core-rule-set

_______________________________________________
Owasp-modsecurity-core-rule-set mailing list
Owasp-modsecurity-core-rule-set@lists.owasp.org
https://lists.owasp.org/mailman/listinfo/owasp-modsecurity-core-rule-set

Reply via email to