Re: [Owasp-modsecurity-core-rule-set] rules match despite updated target list

Colin MacAllister Tue, 26 Apr 2016 12:56:05 -0700

I'm trying to remove the rule when the cookie *name* is that CFAUTH... The 
cookie value changes with each session. What the have in common are enclosing 
double quotes, but I only wish to whitelist them when the cookie name is as 
above.

from my phone

On Apr 26, 2016 3:10 PM, Barry Pollard <barry_poll...@hotmail.com> wrote:
You are whitelisting the cookie name and not its value.

Try this:

    SecRuleUpdateTargetById 981318 "!REQUEST_COOKIES:CFAUTHORIZATION_cfadmin"

Thanks,
Barry

> On 26 Apr 2016, at 19:47, Colin MacAllister <cmacallis...@probono.net> wrote:
>
> SecRuleUpdateTargetById 981318 
> "!REQUEST_COOKIES_NAMES:CFAUTHORIZATION_cfadmin"

_______________________________________________
Owasp-modsecurity-core-rule-set mailing list
Owasp-modsecurity-core-rule-set@lists.owasp.org
https://lists.owasp.org/mailman/listinfo/owasp-modsecurity-core-rule-set

Re: [Owasp-modsecurity-core-rule-set] rules match despite updated target list

Reply via email to