Re: [Owasp-modsecurity-core-rule-set] rules match despite updated target list

Barry Pollard Tue, 26 Apr 2016 12:26:22 -0700

You are whitelisting the cookie name and not its value.

Try this:


    SecRuleUpdateTargetById 981318 "!REQUEST_COOKIES:CFAUTHORIZATION_cfadmin"

Thanks,
Barry

> On 26 Apr 2016, at 19:47, Colin MacAllister <[email protected]> wrote:
> 
> SecRuleUpdateTargetById 981318 
> "!REQUEST_COOKIES_NAMES:CFAUTHORIZATION_cfadmin"
_______________________________________________
Owasp-modsecurity-core-rule-set mailing list
[email protected]
https://lists.owasp.org/mailman/listinfo/owasp-modsecurity-core-rule-set

Re: [Owasp-modsecurity-core-rule-set] rules match despite updated target list

Reply via email to