store | blogs | forums | twitter | facebook | wiki | mailing lists | downloads | support portal
Atomic Secure Linux
It is currently Wed May 22, 2013 7:39 pm

View unanswered posts | View active topics


Board index » Customer Support Forums » Atomic Secured Linux Support

» Feed - Atomicorp

All times are UTC - 5 hours [ DST ]



Post new topic Reply to topic Share/Bookmark  Page 1 of 1
  [ 2 posts ] 
  Print view Previous topic | First unread post | Next topic 
Author Message
webmastersitesi
 Post subject: how to exclude specific urls from WAF
Unread postPosted: Tue Mar 13, 2012 4:21 am 
Offline
Forum User
Forum User

Joined: Sun Mar 11, 2012 12:36 pm
Posts: 5
Location: Russia
I saw at wiki this rule

<LocationMatch /url/to/your/application>
<IfModule mod_security2.c>
SecRuleRemoveById 1234567
SecRuleRemoveById 9999999
</IfModule>
</LocationMatch>


It's important for me to exclude WAF frules form 2 url which uses php how should i modify this code

<LocationMatch /var/www/vhosts/domain.com/public_html/anyproblem.php>
<IfModule mod_security2.c>
SecRuleRemoveById 1234567
SecRuleRemoveById 9999999
</IfModule>
</LocationMatch>

should i repeat this for each PHP that i need to exclude?
Top
 Profile  
 
mikeshinn
 Post subject: Re: how to exclude specific urls from WAF
Unread postPosted: Tue Mar 13, 2012 4:59 pm 
Offline
Atomicorp Staff - Site Admin
Atomicorp Staff - Site Admin
User avatar

Joined: Thu Feb 07, 2008 7:49 pm
Posts: 3245
Location: Chantilly, VA
Yes, but dont use the file name, you must use the URI name. So this:

<LocationMatch /var/www/vhosts/domain.com/public_html/anyproblem.php>

Will never match, unless you user is going to the URL

www.example.com//var/www/vhosts/domain. ... roblem.php

What you want to use, is whats described in the article: the URI to the file, or the path the user will use to access it, which in this case seems to be "/anyproblem.php"

_________________
Michael Shinn
Atomicorp - Security For Everyone

Co-Author of Troubleshooting Linux Firewalls.

Top
 Profile  
 
Display posts from previous:  Sort by  
Post new topic Reply to topic Share/Bookmark  Page 1 of 1
  [ 2 posts ] 

Board index » Customer Support Forums » Atomic Secured Linux Support

» Feed - Atomicorp

All times are UTC - 5 hours [ DST ]

Who is online

Users browsing this forum: No registered users and 2 guests

You cannot post new topics in this forum
You cannot reply to topics in this forum
You cannot edit your posts in this forum
You cannot delete your posts in this forum
You cannot post attachments in this forum

Search for:
Jump to:  
Powered by phpBB © 2000, 2002, 2005, 2007 phpBB Group