Try changing the phase to phase 1 as phase 4 rules are for processing the response body and the request has already reached your backend by phase 4.
-- Osama Elnaggar On August 24, 2017 at 6:20:26 AM, Cristiano Galdino ( cristiano.gald...@gmail.com) wrote: Hi! I have an application returning status 500 and I can not fix it or take it out. I try disable rule 970901 but modsecurity keeps logging events . File: *modsecurity_crs_15_local_exceptions.conf* SecRule REQUEST_FILENAME "@beginsWith /monitor/" \ "id:2500,phase:4,nolog,noauditlog,t:none,t:lowercase,msg:'Desativa regras de para o contexto SIPAG-MONITOR-WEB',pass, \ ctl:ruleRemoveById=970901" What can I do? Tks! -- Cristiano Galdino - cristi...@galdino.net http://cristiano.galdino.net _______________________________________________ Owasp-modsecurity-core-rule-set mailing list Owasp-modsecurity-core-rule-set@lists.owasp.org https://lists.owasp.org/mailman/listinfo/owasp-modsecurity-core-rule-set
_______________________________________________ Owasp-modsecurity-core-rule-set mailing list Owasp-modsecurity-core-rule-set@lists.owasp.org https://lists.owasp.org/mailman/listinfo/owasp-modsecurity-core-rule-set
