I'm trying to remove the rule when the cookie *name* is that CFAUTH... The cookie value changes with each session. What the have in common are enclosing double quotes, but I only wish to whitelist them when the cookie name is as above.
from my phone On Apr 26, 2016 3:10 PM, Barry Pollard <[email protected]> wrote: You are whitelisting the cookie name and not its value. Try this: SecRuleUpdateTargetById 981318 "!REQUEST_COOKIES:CFAUTHORIZATION_cfadmin" Thanks, Barry > On 26 Apr 2016, at 19:47, Colin MacAllister <[email protected]> wrote: > > SecRuleUpdateTargetById 981318 > "!REQUEST_COOKIES_NAMES:CFAUTHORIZATION_cfadmin"
_______________________________________________ Owasp-modsecurity-core-rule-set mailing list [email protected] https://lists.owasp.org/mailman/listinfo/owasp-modsecurity-core-rule-set
