Okay, so this is my first email to this group and the first time I've ever
looked at mod security. Can you dumb that down some, or point me to
information about how to do that?

Custom file? Before the CRS rules? There's obviously a lot I don't
know. Where do I start?
Delia Wilson Lunsford
WizTech, Inc., (formerly Delia Wilson Design, LLC.)
434-202-4307
Terms and Conditions for working with WizTech, Inc.
(http://www.teamwiztech.com/terms-conditions.php)


On Thu, Jul 17, 2014 at 2:50 PM, Thayyilekandy, Subin : Barclaycard US
<sthayyile...@barclaycardus.com> wrote:
> Try this in your custom before file (should execute before the CRS rules are 
> executed)
>
> SecRule ARGS:keyword "@streq 100%" \
>     "id:999013,phase:2,t:none,t:lowercase,nolog,pass,ctl:ruleRemoveTargetById=950907;ARGS:keyword"
>
> Note: please replace the rule id with the actual rule id that is being
> triggered in this scenario; the above rule id is just an example.
>
> Thanks
>
> Subin
> Application Security consultant | GISTR
> Dryrock, DE | Cube# 4-060
> Work: (302) 255-7709 | Cell: (214) 799 - 2769
>
> -----Original Message-----
> From: owasp-modsecurity-core-rule-set-boun...@lists.owasp.org 
> [mailto:owasp-modsecurity-core-rule-set-boun...@lists.owasp.org] On Behalf Of 
> Delia Lunsford
> Sent: Thursday, July 17, 2014 2:26 PM
> To: owasp-modsecurity-core-rule-set@lists.owasp.org
> Subject: [Owasp-modsecurity-core-rule-set] Percent signs in urls
>
> I'm sure this has been asked many times before but I am having real 
> difficulty finding an answer to a small problem for me - large problem for a 
> hosting customer.
>
> I primarily host ZenCart websites, which have a site search. One customer sells 
> coffee - and he wants his customers to be able to search for "100% kona". 
> That triggers mod security as the search parameters are passed to the url.
>
> The url becomes:
> domain.com/index.php?main_page=advanced_search_result&search_in_description=0&keyword=100% kona
>
> Obviously nothing I've tried can change the trigger - mod security just 
> doesn't like that percent sign mixed into that keyword set.
>
> Is it possible to have exceptions to this rule at all? What do you recommend 
> I do?
>
> Delia Wilson Lunsford
> WizTech, Inc., (formerly Delia Wilson Design, LLC.)
> 434-202-4307
> Terms and Conditions for working with WizTech, Inc.
> (http://www.teamwiztech.com/terms-conditions.php)
> _______________________________________________
> Owasp-modsecurity-core-rule-set mailing list 
> Owasp-modsecurity-core-rule-set@lists.owasp.org
> https://lists.owasp.org/mailman/listinfo/owasp-modsecurity-core-rule-set
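An added configuration example, not part of the thread: a variant of the exclusion suggested in the quoted reply that is scoped to the ZenCart search page from the URL in the original question instead of to one keyword value. The include paths, file names and rule id 999014 are assumptions made for illustration, and 950907 is only the example id used in the reply.

```apache
# Added example: load order and file names below are placeholders.
#   Include conf/custom_before_crs.conf      (this file, loaded first)
#   Include conf/crs/activated_rules/*.conf  (CRS rules, loaded after)

# Rule id 999014 is constructed. 950907 is the example id from the reply;
# replace it with the id the audit log reports for the blocked search.
# The chain matches only the ZenCart search page, and the ctl action on the
# last link runs only when every link matched, so the named rule stops
# inspecting ARGS:keyword for that request alone. All other rules still
# inspect keyword, and the named rule still inspects every other argument.
SecRule REQUEST_FILENAME "@endsWith /index.php" \
    "id:999014,phase:2,t:none,nolog,pass,chain"
    SecRule ARGS_GET:main_page "@streq advanced_search_result" \
        "t:none,ctl:ruleRemoveTargetById=950907;ARGS:keyword"
```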