The ideal way to do this with OWASP crs is to exclude that variable from being inspected by the given rule. This can be done by using the secupdatetargetbyid directive. To this directive you may pass ! Action and also the id of the rule causing the issue. For an example please see the modsecurity reference manual. When not using OWASP you would probably add chained portions to the rule to exclude it from firing whenever the request URL and parameters were present. Doing this with OWASP will cause issues with updates potentially.
On Dec 23, 2015 11:41 AM, Ilyass Kaouam <ilyassi...@gmail.com> wrote: Hi, Hello, I have a question please I have a text field in which the user enters a message, the WAF blocks this request here is the url: POST / servlet / EspaceClientServlet?Action=Ajax$SubmitCercle I want to exclude this request that is to say to waf do not filter queries with "POST / servlet/EspaceClientServlet?Action=Ajax$SubmitCercle" Can you please tell me how? Thank you -- Ilyass kaouam Systems administrator at Inforisk Group Finaccess ________________________________ This transmission may contain information that is privileged, confidential, and/or exempt from disclosure under applicable law. If you are not the intended recipient, you are hereby notified that any disclosure, copying, distribution, or use of the information contained herein (including any reliance thereon) is strictly prohibited. If you received this transmission in error, please immediately contact the sender and destroy the material in its entirety, whether in electronic or hard copy format.
_______________________________________________ Owasp-modsecurity-core-rule-set mailing list Owasp-modsecurity-core-rule-set@lists.owasp.org https://lists.owasp.org/mailman/listinfo/owasp-modsecurity-core-rule-set
