9

how to whitelist a certain cookie string in ModSecurity

view full story
linux-howto

http://serverfault.com – We are getting a lot of False Positives from using 3rd part software on our server. They themselves can't seem to fix it and I'm trying to work out how to allow cookies through that contain "CERTAINSTRING_" Below is an example of one of the bans. They are all the same rule id www.mysite.com 27.33.154.111 981231 [15/Dec/2013:12:14:36 +1100] Pattern match "(/\*!?|\*/|[';]--|--[\s\r\n\v\f]|(?:--[^-]?-)|([^\-&])#.?[\s\r\n\v\f]|;?\x00)" at REQUEST_COOKIES: _CERTAINSTRING. [file "/usr/local/apache/conf/modsecurity_crs_41_sql_injection_attacks.conf"] [line "49"] [id "981231"] [rev "2"] [ (HowTos)