Disable modsec2 blacklist rule for specific hostname

Posted by KevinL on Server Fault See other posts from Server Fault or by KevinL
Published on 2012-10-26T21:23:38Z Indexed on 2012/10/26 23:04 UTC
Read the original article Hit count: 198

Filed under:
|

I have a server running Apache2 with mod_security2. In modsec2.user.conf, there is a blacklist rule:

###BLACKLIST###
SecRule REQUEST_URI "mkdir"

I need to disable that rule for just one hostname on the server. I realize I could just remove it entirely but I'd rather keep it on for the other sites.

I realize you can use the SecRuleRemoveByID directive, based on each rule's ID, but as you can see above, this has no ID, it's just a string.

How do I disable that rule for just www.example.com, is there something I can do in custom.conf, whitelist.conf or exclude.conf ?

© Server Fault or respective owner

Related posts about mod-security

Related posts about modsecurity