Disable modsec2 blacklist rule for specific hostname
Posted
by
KevinL
on Server Fault
See other posts from Server Fault
or by KevinL
Published on 2012-10-26T21:23:38Z
Indexed on
2012/10/26
23:04 UTC
Read the original article
Hit count: 198
mod-security
|modsecurity
I have a server running Apache2 with mod_security2. In modsec2.user.conf, there is a blacklist rule:
###BLACKLIST###
SecRule REQUEST_URI "mkdir"
I need to disable that rule for just one hostname on the server. I realize I could just remove it entirely but I'd rather keep it on for the other sites.
I realize you can use the SecRuleRemoveByID directive, based on each rule's ID, but as you can see above, this has no ID, it's just a string.
How do I disable that rule for just www.example.com, is there something I can do in custom.conf, whitelist.conf or exclude.conf ?
© Server Fault or respective owner