« previous next »
Pages: [1]

Author Topic: How to disable a rule by ID  (Read 9001 times)

0 Members and 1 Guest are viewing this topic.

Offline
DA_MAN
*
How to disable a rule by ID
« on: January 08, 2019, 12:01:01 PM »
I cannot seem to get modsecurity to disable ID 211190 for a website. The edit rules section is not clear on how to disable a rule by ID. I know how not to do it as it crashes Apache. Also saying, "For instructions please use our forum." when there are no instructions here is pretty silly.

Like so many things documented here on the forums and in the wiki are outdated. At least I cannot find anything on the new modsecurity interface. I don't want to have to entirely disable modsecurity just because I cannot figure out how to remove rules by ID.
Logged
Offline
paldig
*
Re: How to disable a rule by ID
« Reply #1 on: January 22, 2019, 11:51:32 AM »
Hi,

Go to Mod Security> Accounts> Edit rules> Edit file> add the output below:

<IfModule mod_security2.c>
SecRuleEngine On
SecRuleRemoveById 211190
</IfModule>

Replace the mod_sec ID with the one you want to exclude, in your case it is 211190. Then restart/reload the apache server.
« Last Edit: January 22, 2019, 11:53:33 AM by paldig »
Logged
Pages: [1]
« previous next »