ModSecurity SecRule 从任何检查中排除 URL
ModSecurity SecRule to exclude an URL from any check
ModSecurity 在尝试打开 url 时出现误报:https://www.galgani.it/solitudine-contesti-virtuali-internet-facebook-social-network-smartphone/solitudine-e-contesti-virtuali.html
返回 403 错误。
这只是一个简单的静态 html 页面,没有 javascript 或动态代码。
ModSecurity 适用于我的其他页面。在 /etc/modsecurity/modsecurity.conf 中,我可以将哪个规则添加到白名单(或排除)特定 url?
错误是:
[Fri Mar 27 14:54:50.189006 2020] [:error] [pid 10566:tid 140214542481152] [client 91.252.113.190:26752] [client 91.252.113.190] ModSecurity: Warning. Operator GE matched 4 at TX:outbound_anomaly_score. [file "/usr/share/modsecurity-crs/rules/RESPONSE-980-CORRELATION.conf"] [line "82"] [id "980140"] [msg "Outbound Anomaly Score Exceeded (score 4): PHP source code leakage"] [tag "event-correlation"] [hostname "www.galgani.it"] [uri "/solitudine-contesti-virtuali-internet-facebook-social-network-smartphone/solitudine-e-contesti-virtuali.html"] [unique_id "Xn4FqfNLERK@02hvkdmOogAAAFI"]
已解决!要插入 /etc/modsecurity/modsecurity.conf 以将特定 URL 列入白名单的规则是:
SecRule REQUEST_FILENAME "@streq /solitudine-contesti-virtuali-internet-facebook-social-network-smartphone/solitudine-e-contesti-virtuali.html" "id:1,phase:2,nolog,allow,ctl:ruleEngine=Off"
ModSecurity 在尝试打开 url 时出现误报:https://www.galgani.it/solitudine-contesti-virtuali-internet-facebook-social-network-smartphone/solitudine-e-contesti-virtuali.html
返回 403 错误。
这只是一个简单的静态 html 页面,没有 javascript 或动态代码。
ModSecurity 适用于我的其他页面。在 /etc/modsecurity/modsecurity.conf 中,我可以将哪个规则添加到白名单(或排除)特定 url?
错误是:
[Fri Mar 27 14:54:50.189006 2020] [:error] [pid 10566:tid 140214542481152] [client 91.252.113.190:26752] [client 91.252.113.190] ModSecurity: Warning. Operator GE matched 4 at TX:outbound_anomaly_score. [file "/usr/share/modsecurity-crs/rules/RESPONSE-980-CORRELATION.conf"] [line "82"] [id "980140"] [msg "Outbound Anomaly Score Exceeded (score 4): PHP source code leakage"] [tag "event-correlation"] [hostname "www.galgani.it"] [uri "/solitudine-contesti-virtuali-internet-facebook-social-network-smartphone/solitudine-e-contesti-virtuali.html"] [unique_id "Xn4FqfNLERK@02hvkdmOogAAAFI"]
已解决!要插入 /etc/modsecurity/modsecurity.conf 以将特定 URL 列入白名单的规则是:
SecRule REQUEST_FILENAME "@streq /solitudine-contesti-virtuali-internet-facebook-social-network-smartphone/solitudine-e-contesti-virtuali.html" "id:1,phase:2,nolog,allow,ctl:ruleEngine=Off"