How to override a single ModSecurity rule for a website?

Created:

2017-07-16 19:09:43 UTC

Modified:

2017-08-08 13:14:54 UTC

0

Was this article helpful?


Have more questions?

Submit a request

How to override a single ModSecurity rule for a website?

Question

How to override a single Web Application Firewall (ModSecurity) rule for a website?

Answer

Create a custom Apache directive under Domains > example.com > Apache & nginx Settings > Additional Apache directives section:

<IfModule mod_security2.c>
    SecRule REQUEST_FILENAME "@rx ^/test.php$" "id:'1000001',phase:1,t:none,deny,ctl:ruleRemoveById=340249"
</IfModule>

In the example above rule with id 340249 is replaced by rule with id 1000001 which restricts access to test.php file.

Additional Information

Mod security - Atomicorp Wiki. Creating custom rules

Have more questions? Submit a request
Please sign in to leave a comment.