Try this in your custom before file (should execute before the CRS rules are 
executed)

SecRule ARGS:keyword "@streq 100%" \
    "id:999013,phase:2,t:none,t:lowercase,nolog,pass,ctl:ruleRemoveTargetById=950907;ARGS:keyword"

Note: please replace the rule id with the actual rule id that is being 
triggered in this scenario; the above rule id is just an example.

Thanks

Subin
Application Security consultant | GISTR
Dryrock, DE | Cube# 4-060
Work: (302) 255-7709 | Cell: (214) 799 - 2769

-----Original Message-----
From: owasp-modsecurity-core-rule-set-boun...@lists.owasp.org 
[mailto:owasp-modsecurity-core-rule-set-boun...@lists.owasp.org] On Behalf Of 
Delia Lunsford
Sent: Thursday, July 17, 2014 2:26 PM
To: owasp-modsecurity-core-rule-set@lists.owasp.org
Subject: [Owasp-modsecurity-core-rule-set] Percent signs in urls

I'm sure this has been asked many times before but I am having real difficulty 
finding an answer to a small problem for me - large problem for a hosting 
customer.

I primarily host ZenCart websites which have a site search. One customer sells 
coffee - and he wants his customers to be able to search for "100% kona". That 
triggers mod security as the search parameters are passed to the url.

The url becomes:
domain.com/index.php?main_page=advanced_search_result&search_in_description=0&keyword=100% kona

Obviously nothing I've tried can change the trigger - mod security just doesn't 
like that percent sign mixed into that keyword set.

Is it possible to have exceptions to this rule at all? What do you recommend I 
do?

Delia Wilson Lunsford
WizTech, Inc., (formerly Delia Wilson Design, LLC.)
434-202-4307
Terms and Conditions for working with WizTech, Inc.
(http://www.teamwiztech.com/terms-conditions.php)
_______________________________________________
Owasp-modsecurity-core-rule-set mailing list 
Owasp-modsecurity-core-rule-set@lists.owasp.org
https://lists.owasp.org/mailman/listinfo/owasp-modsecurity-core-rule-set
