I run several domains (via vhosts) with the same Apache installation. Some domains require different mod_security rules than the others. In a separate exceptions.conf file I collect all those rules and have this syntax:

<Location "/test">
    SecAuditEngine Off
    SecRuleRemoveById 950134
    SecRuleRemoveById 981265
    SecRuleRemoveById 981289
    SecRuleRemoveById 981244
    SecAuditEngine RelevantOnly     
</Location>

But this rule would match all /test folders on all domains! But I only want to limit it to a specific host. How can I limit those rules to a vhost only in a global exceptions.conf file?

powtac

1 Answer

Here are some different ways to do that:

  • instead of having a global exception file, put the exceptions inside the virtual host definitions
  • if you want to have an exception file separate from the actual virtual host definition, don't include it in the main server config - instead include it from inside the virtual host.
  • instead of using <Location>, use SecRule and the ctl:ruleRemoveByID action. Example:

SecRule SERVER_NAME "somedomain\.com$" "@streq /test/.*" "ctl:ruleRemoveByID=981244"

If possible, the first one would be by far the simplest.

Jenny D
  • How would I set a different SecResponseBodyLimit? – powtac Apr 29 '13 at 08:28
  • `"@streq /test/.*"` seems to be too much, it results in: `SecRule takes two or three arguments, rule target, operator and optional action list`. – powtac Apr 29 '13 at 08:47
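
An added example, not part of the original answer or comments: the host-plus-path condition from the third option written as a chained rule, which is how ModSecurity 2.x combines two conditions within the three-argument `SecRule` syntax, followed by the per-vhost include from the second option. The rule id `10001` and the include path are constructed placeholders; the host name, path and removed rule ids are the ones used on this page.

```apache
# Added example (not from the thread). Rule id 10001 is a constructed
# placeholder from the range reserved for local rules.
#
# SecRule takes exactly: VARIABLES, OPERATOR, [ACTIONS]. A second
# condition is expressed with "chain", not with a fourth argument.
#
# Load this BEFORE the rule set that defines 950134 etc.: ctl: acts per
# transaction and must run before the targeted rules are evaluated.
# (Configure-time SecRuleRemoveById is the opposite: it must come AFTER
# the rules it removes.)
#
# SERVER_NAME is taken from the request (Host header), so the pattern is
# anchored on a label boundary: "somedomain\.com$" alone would also match
# "notsomedomain.com" if such a request reaches the default vhost.
#
# The ctl actions sit on the LAST rule of the chain so they only run
# when both the host and the path condition have matched.
SecRule SERVER_NAME "@rx (?:^|\.)somedomain\.com$" \
    "id:10001,phase:1,t:none,t:lowercase,pass,nolog,chain"
    SecRule REQUEST_FILENAME "@rx ^/test(?:/|$)" \
        "t:none,\
        ctl:ruleRemoveById=950134,\
        ctl:ruleRemoveById=981265,\
        ctl:ruleRemoveById=981289,\
        ctl:ruleRemoveById=981244"

# Alternative (second option in the answer): scope by configuration
# context instead of by Host matching. The Include path is hypothetical;
# the included file holds the <Location "/test"> block from the question.
<VirtualHost *:80>
    ServerName somedomain.com
    Include conf/exceptions-somedomain.conf
</VirtualHost>
```

After a reload, a request to `/test` on another vhost should still trigger the four rules, while the same request to somedomain.com should not; the audit log for both requests is the place to confirm that.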