Hi Chaim, Thank you for you reply,
SecRule REQUEST_URI "^/SubmitCercle" id:1,t:none,t:lowercase,nolog,phase:1,allow,ctl:ruleEngine=Off,ctl:auditEngine=Off You would like say like this ? Thank you 2015-12-23 18:25 GMT+00:00 Chaim Sanders <csand...@trustwave.com>: > The ideal way to do this with OWASP crs is to exclude that variable from > being inspected by the given rule. This can be done by using the > secupdatetargetbyid directive. To this directive you may pass ! Action and > also the id of the rule causing the issue. For an example please see the > modsecurity reference manual. > When not using OWASP you would probably add chained portions to the rule > to exclude it from firing whenever the request URL and parameters were > present. Doing this with OWASP will cause issues with updates potentially. > On Dec 23, 2015 11:41 AM, Ilyass Kaouam <ilyassi...@gmail.com> wrote: > > Hi, > > Hello, > > I have a question please > > I have a text field in which the user enters a message, the WAF blocks > this request > here is the url: > > POST / servlet / EspaceClientServlet?Action=Ajax$SubmitCercle > > I want to exclude this request that is to say to waf do not filter queries > with "POST / servlet/EspaceClientServlet?Action=Ajax$SubmitCercle" > > Can you please tell me how? > > Thank you > > -- > *Ilyass kaouam* > *Systems administrator* > * at Inforisk Group Finaccess * > > > ------------------------------ > > This transmission may contain information that is privileged, > confidential, and/or exempt from disclosure under applicable law. If you > are not the intended recipient, you are hereby notified that any > disclosure, copying, distribution, or use of the information contained > herein (including any reliance thereon) is strictly prohibited. If you > received this transmission in error, please immediately contact the sender > and destroy the material in its entirety, whether in electronic or hard > copy format. > -- *Ilyass kaouam* *Systems administrator* * at Inforisk Group Finaccess * *European Masters in Information Technology* *Portable : (212) * *6 34 57 14 36**http://www.inforisk.ma <http://www.inforisk.ma>*
_______________________________________________ Owasp-modsecurity-core-rule-set mailing list Owasp-modsecurity-core-rule-set@lists.owasp.org https://lists.owasp.org/mailman/listinfo/owasp-modsecurity-core-rule-set
