First, thank you for your reply. > > There are a couple of ways to handle this, but here's one example that > disables both the rule and audit engine for a specific IP: > > SecRule REMOTE_ADDR "@streq xxx.xxx.xxx.xxx" "phase:1,nolog,allow, \ > ctl:ruleEngine=Off,ctl:auditEngine=Off" >
Does the equivalent string "LOCAL_ADDR" exist? It's the listening address of localhost i want to unblock... >> and >> 2) how to enable/disable some or all of CRS based on the request url, >> or the request path. > > To disable some of the rules based on URI you can use something like: > > <LocationMatch /phpmyadmin/> > SecRuleRemoveById 900000-900010 > SecRuleRemoveById 999999 > </LocationMatch> Silly question: how do I determine what the various ruleids will be? > > another variant could be: > > SecRule REQUEST_URI phpmyadmin "phase:2,t:none,t:lowercase,nolog, \ > ctl:ruleRemoveById=999999" > > -- > - Josh > I think i need to buy the book. :) --jason _______________________________________________ Owasp-modsecurity-core-rule-set mailing list [email protected] https://lists.owasp.org/mailman/listinfo/owasp-modsecurity-core-rule-set
