store | blogs | forums | twitter | facebook | wiki | downloads | support portal
Atomic Secure Linux
It is currently Mon Oct 20, 2014 8:31 pm

» Feed - Atomicorp

All times are UTC - 5 hours [ DST ]




Post new topic Reply to topic  [ 2 posts ] 
Author Message
 Post subject: How to disable two rules using the free ruleset?
Unread postPosted: Thu Sep 29, 2011 8:54 pm 
Offline
Forum Regular
Forum Regular

Joined: Tue Jun 24, 2008 12:05 pm
Posts: 153
I installed a script (piwik analytics) on my other server that does not have ASL installed but it does have the free gotroot delayed ruleset. I spent the last 2 hours trying to disable two rules for just one location on a single domain and it just will not work. The only thing that did work was simply disabling the two rules for the whole server by adding the following code to 999_asl_user_exclude.conf:

<LocationMatch .*>
<IfModule mod_security2.c>
SecRuleRemoveById 340162
SecRuleRemoveById 340163
</IfModule>
</LocationMatch>

Replacing .* with the complete url (with and without http), with the linux filesystem path, adding the code to the httpd.conf, etc etc... it just does not work. As these are two quite dangerous rules (remote file injection) to disable globally, i would prefer to only disable them for just this one location. The server has virtualmin/webmin installed, so i have complete freedom over all config files.

Note, i wish i could use ASL on there as well like on my other server, but i only have 2 VPS-es, so buying the minimum amount of 5 licenses is a bit steep for the free services i offer.


Top
 Profile  
 
 Post subject: Re: How to disable two rules using the free ruleset?
Unread postPosted: Sat Oct 01, 2011 7:04 am 
Offline
Long Time Forum Regular
Long Time Forum Regular

Joined: Sat Aug 20, 2005 9:30 am
Posts: 2812
Location: The Netherlands
Put that section in the domain's vhost and it should only apply to that vhost.

You cannot specify full URL's or file system paths in a Location or LocationMatch statement. Only the URL path is matched by Location/LocationMatch (for http://www.example.com/dir/file.php this is /dir/file.php), if you want to match on file system path you'll need to use a Directory/DirectoryMatch statement.

See the Apache documentation for more details on those configuration statements.

_________________
Lemonbit Internet Dedicated Server Management


Top
 Profile  
 
Display posts from previous:  Sort by  
Post new topic Reply to topic  [ 2 posts ] 

» Feed - Atomicorp

All times are UTC - 5 hours [ DST ]


Who is online

Users browsing this forum: No registered users and 1 guest


You cannot post new topics in this forum
You cannot reply to topics in this forum
You cannot edit your posts in this forum
You cannot delete your posts in this forum
You cannot post attachments in this forum

Search for:
Jump to:  
Powered by phpBB © 2000, 2002, 2005, 2007 phpBB Group