Hello Group,
I'm come across an issue in which I'll be using ModSecurity to protect a site with an encrypted URI. For the sake of reducing false positives, what would be the most effective way to omit the URI from scanning but continue to scan other HTTP header fields and all payloads?
_______________________________________________ Owasp-modsecurity-core-rule-set mailing list Owasp-modsecurity-core-rule-set@lists.owasp.org https://lists.owasp.org/mailman/listinfo/owasp-modsecurity-core-rule-set
