I want to disable this rule:

[file "/usr/share/modsecurity-crs/activated_rules/modsecurity_crs_41_sql_injection_attacks.conf"] [line "159"] [id "981173"] [rev "2"] [msg "Restricted SQL Character Anomaly Detection Alert - Total # of special characters exceeded"] [data "Matched Data: - found within ARGS:customize_changeset_uuid: a507417f-75f3-434e-ac8c-90b21b3b164d"] [ver "OWASP_CRS/2.2.9"] [maturity "9"] [accuracy "8"] [tag "OWASP_CRS/WEB_ATTACK/SQL_INJECTION"]

For the directory

/var/www/directory/wp-admin

Where should the exception go? In my .htaccess, or in the vhost file?

romanturbo
  • Please do not cross-post across multiple Stack Exchange sites without giving the question a chance to be answered. http://stackoverflow.com/questions/43572261/how-to-disable-a-specific-mod-security-rule-in-a-specific-directory – Barry Pollard Apr 23 '17 at 21:42

1 Answer

If you want to disable it for all users on the server, then you can make changes in your vhosts; otherwise, to disable this rule for a single user, you can take the modsec rule ID (which in your case is 981173) and change the .htaccess file inside /var/www/romanpastu/.

Someone claimed: "Support for .htaccess files was discontinued in 2.x as it raised too many security issues." Source here

Is this 2.x or 3.x? You can try the 3.x rule set from here

You may also want to try ConfigServer ModSecurity Control (cmc) to easily manage modsec rules.

Prakash
  • ModSecurity 2.8.0. I've no cPanel, so I can't install that, but I will try the rules; however, it seems tricky to install – romanturbo Apr 23 '17 at 14:50
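
Added example, not part of the question or answer above: one way to write the exception in the vhost file for ModSecurity 2.x, scoped to /wp-admin/. The rule ID, parameter name and directory come from the log line and path in the question; the ServerName, the port and the assumption that the CRS rule files are included before this vhost is parsed are placeholders of this example.

```apache
# Constructed vhost fragment (ServerName and port are placeholders).
# Assumes mod_security2 is loaded and the CRS 2.2.9 rule files are included
# earlier in the configuration, so rule 981173 already exists when these
# directives are read.
<VirtualHost *:80>
    ServerName example.com
    DocumentRoot /var/www/directory

    <IfModule security2_module>
        # Narrow exception: rule 981173 stays active under /wp-admin/ but no
        # longer inspects the one parameter that triggered the alert (a UUID,
        # whose hyphens are counted as "special characters").
        <LocationMatch "^/wp-admin/">
            SecRuleUpdateTargetById 981173 "!ARGS:customize_changeset_uuid"
        </LocationMatch>

        # Broad alternative: remove the rule entirely for the directory.
        # Every other parameter under wp-admin then also skips this check,
        # so prefer the narrow form above unless other parameters trip it too.
        #<Directory "/var/www/directory/wp-admin">
        #    SecRuleRemoveById 981173
        #</Directory>
    </IfModule>
</VirtualHost>
```

Run `apachectl configtest` before reloading, then repeat the request that raised the alert and confirm that id "981173" no longer appears in the ModSecurity audit log for it.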