Main WebTask34Start - Use LocationMatch in rules
See TasksExplained? for more infos about tasks. This task is based on the template at TaskTemplateStart Status : closedCategory : gui
Date opened : 2007-10-02
Description : Use LocationMatch in rules
Referenced in stories/tasks :
Testsuite : test/functional/rules_generator_test.rb
Commited revision : 115
Remarks :
This has been a suggestion by Ofer Shezaf.
Changelog
2007-02-14 - implemented
Example ruleset looks as follows:... # allow: GET /index.html <LocationMatch "^/index.html$"> SecRule REQUEST_METHOD "^GET$" "allow,t:none,nolog,id:6" </LocationMatch> <LocationMatch "^/.*$"> SecAction "deny,status:501,severity:3,msg:'Unknown request. Access denied by fallback rule.'" </LocationMatch>Notes:
- The t:none covers for the fact, that t:lowercase is applied by default. T:lowercase is a standard transformation of the request parameters.
- status:501 covers an unexpected behaviour in modsecurity 2.1.0-rc7. SecAction would not take the SecDefaultAction into consideration but trigger a 403.
Main.TaskTemplateStart moved from Main.TaskTemplate on 19 Jan 2007 - 12:41 by ChristianFolini
-
Main Web
-
Start new story
- Start new task
- Create New Topic
-
Index
-
Search
-
Changes
-
Notifications
-
Statistics
-
Preferences
No permission to view WebLeftBarWebsList?
No permission to view WebTopBar?
No permission to view WebBottomBar?