View more context

 

Joe

if they’re not, though, that’s really when I want ModSecurity to kick in

andante

https://stackoverflow.com/a/46045010 could be the answer

Show 1 attachment(s)
Stack Overflow  
Disable mod_security by requested URL

I use mod_security with Apache 2.4. On this platform we have an ecommerce system using the following URL for its administrative tools: http://www.tld.com/en/backend I want to achive to goals: Ac...

Hide attachment content
Joe

well crap - turning off the rules in the virtualhost config doesn’t seem to stop the request from getting blocked

kinglozzer

Yeah there are a few ModSecurity rules that SilverStripe seems to trigger…

Joe

is there a reference page for what rules those might be and how to accommodate?

Joe

cuz if not, that’d be really, really handy lol

kinglozzer

We had it on a cPanel server, and updates to the server kept adding new rules and getting clients blocked again 😛