How to disable two rules using the free ruleset?
Posted: Thu Sep 29, 2011 8:54 pm
I installed a script (piwik analytics) on my other server that does not have ASL installed but it does have the free gotroot delayed ruleset. I spent the last 2 hours trying to disable two rules for just one location on a single domain and it just will not work. The only thing that did work was simply disabling the two rules for the whole server by adding the following code to 999_asl_user_exclude.conf:
<LocationMatch .*>
<IfModule mod_security2.c>
SecRuleRemoveById 340162
SecRuleRemoveById 340163
</IfModule>
</LocationMatch>
Replacing .* with the complete url (with and without http), with the linux filesystem path, adding the code to the httpd.conf, etc etc... it just does not work. As these are two quite dangerous rules (remote file injection) to disable globally, i would prefer to only disable them for just this one location. The server has virtualmin/webmin installed, so i have complete freedom over all config files.
Note, i wish i could use ASL on there as well like on my other server, but i only have 2 VPS-es, so buying the minimum amount of 5 licenses is a bit steep for the free services i offer.
<LocationMatch .*>
<IfModule mod_security2.c>
SecRuleRemoveById 340162
SecRuleRemoveById 340163
</IfModule>
</LocationMatch>
Replacing .* with the complete url (with and without http), with the linux filesystem path, adding the code to the httpd.conf, etc etc... it just does not work. As these are two quite dangerous rules (remote file injection) to disable globally, i would prefer to only disable them for just this one location. The server has virtualmin/webmin installed, so i have complete freedom over all config files.
Note, i wish i could use ASL on there as well like on my other server, but i only have 2 VPS-es, so buying the minimum amount of 5 licenses is a bit steep for the free services i offer.