Hey Dietrich,
If you want to get rid of the rule altogether (not just whitelist certain URLs
against it), you won’t actually need that LocationMatch section. I believe this
should work:
<IfModule mod_security2.c>
SecRuleRemoveById 960012
</IfModule>
What it looks like was actually causing it not to work was that, because
LocationMatch uses regular expressions, you would want to use “/.*” instead of
“/*” to match every URL (again, the LocationMatch is redundant if you’re
looking to disable the rule for every URL anyways =] ):
<LocationMatch /.* >
<IfModule mod_security2.c>
SecRuleRemoveById 960012
</IfModule>
</LocationMatch>
On Nov 12, 2013, at 11:55 AM, Dietrich Streifert
<[email protected]> wrote:
> I'm trying create a setup for a subversion dav over http server. I've
> successfully managed to enable the needed content-type 'application/vnd.svn*'
> and the request methods like PROPFIND etc.
>
> While trying to commit to the repositories which are served vi the above
> setup, I'm getting a rule violation against rule id "960012" in
> modsecurity_crs_20_protocol_violations.conf, line 312, which is caused by the
> javahl svn client of eclipse.
>
> I've tried to disable the rule via
>
> <LocationMatch /* >
> <IfModule mod_security2.c>
> SecRuleRemoveById 960012
> </IfModule>
> </LocationMatch>
> with no success.
>
> I've seen in line 312 of modsecurity_crs_20_protocol_violations.conf that
> rule id 960012 has a chained rule which has no rule id.
>
> Would I need to also disable the chained rule, which of course, I can't do
> because of the missing rule id?
>
> Is this a bug or a newbies common mistake?
>
> Regards
> Dietrich
> _______________________________________________
> Owasp-modsecurity-core-rule-set mailing list
> [email protected]
> https://lists.owasp.org/mailman/listinfo/owasp-modsecurity-core-rule-set
_______________________________________________
Owasp-modsecurity-core-rule-set mailing list
[email protected]
https://lists.owasp.org/mailman/listinfo/owasp-modsecurity-core-rule-set
