Hi Josh, Thank you for your replay :)
in which file I can insert this rule ? Thank you. 2014-12-22 11:32 GMT+00:00 Josh Amishav-Zlatin <jam...@owasp.org>: > On Mon, Dec 22, 2014 at 11:46 AM, Ilyass Kaouam <ilyassi...@gmail.com> > wrote: > >> Hi >> >> We have a sub-site www.abcdef.com/Bilbo >> >> We want disable WAF for this subdomain /BilBO only >> > > Hi Ilyass, > > One way to do this is via a rule like: > > SecRule REQUEST_URI "^/bilbo" > id:1,t:none,t:lowercase,nolog,phase:1,allow,ctl:ruleEngine=Off,ctl:auditEngine=Off" > > Note you mention both /Bilbo and /BilBo above so I'm assuming the server > is case-insensitive and used bilbo in the rule and the lowercase > transformation. > > - Josh > > >> >> (this website is made by java) >> >> How I can do that? >> >> thank you >> >> -- >> *Ilyass kaouam* >> *Systems administrator* >> * at Inforisk Group Finaccess * >> *European Masters in Information Technology* >> *Portable : (212) * >> *6 34 57 14 36**http://www.inforisk.ma <http://www.inforisk.ma>* >> >> _______________________________________________ >> Owasp-modsecurity-core-rule-set mailing list >> Owasp-modsecurity-core-rule-set@lists.owasp.org >> https://lists.owasp.org/mailman/listinfo/owasp-modsecurity-core-rule-set >> >> > -- *Ilyass kaouam* *Systems administrator* * at Inforisk Group Finaccess * *European Masters in Information Technology* *Portable : (212) * *6 34 57 14 36**http://www.inforisk.ma <http://www.inforisk.ma>*
_______________________________________________ Owasp-modsecurity-core-rule-set mailing list Owasp-modsecurity-core-rule-set@lists.owasp.org https://lists.owasp.org/mailman/listinfo/owasp-modsecurity-core-rule-set
