DEV Community

Henri Sekeladi

Whitelisting Specific Paths on Modsecurity 3 with OWASP Rules

ModSecurity with the rules from the OWASP Core Rule Set makes security very strict; sometimes ModSecurity flags false positives on content that we post in a form.

To whitelist a specific path, we can add a rule to the ModSecurity configuration that whitelists that path or a specific URL.

We are on Ubuntu Server 22.04 with nginx and ModSecurity installed, and the OWASP rules in /etc/nginx/conf/owasp-crs/.

sudo nano /etc/nginx/conf/owasp-crs/rules/REQUEST-900-EXCLUSION-RULES-BEFORE-CRS.conf

and add this line at the bottom of the file (the two quoted strings, the operator and the action list, must each be closed):

SecRule REQUEST_URI "@beginsWith /ptickets" "id:932130,phase:1,log,allow,ctl:ruleEngine=off"

This means:

Requests whose URI begins with /ptickets will be ignored by ModSecurity, under rule id 932130. Rule id 932130 is the OWASP rule that prevents Remote Code Execution on our website, and the id needs to be unique.

Don't forget to reload our nginx server for the change to take effect:

sudo service nginx reload
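The same exclusion scoped more tightly, added here as an example and not taken from the post. It assumes the false positive came from rule 932130 and from a form field named ARGS:description (both hypothetical), and uses ids from the 1-99999 range that the CRS documentation reserves for local rules.

```apache
# Added example (not from the post): the same exclusion, scoped more tightly.
# Goes in REQUEST-900-EXCLUSION-RULES-BEFORE-CRS.conf like the original line.
#
# Two things to tighten compared with the one-liner above:
#  - it reuses id 932130, which CRS itself defines in
#    REQUEST-932-APPLICATION-ATTACK-RCE.conf; local rules should take an id
#    from the 1-99999 range that CRS reserves for them, otherwise the engine
#    may refuse to load the configuration because of the duplicate id;
#  - ctl:ruleEngine=off disables every rule for the whole path prefix
#    (/ptickets, /ptickets/anything, /ptickets-admin), audit logging included.

# Option 1 (assumption: rule 932130 is the one that fires): keep the engine on
# and drop only that single rule, only for this path.
SecRule REQUEST_URI "@beginsWith /ptickets" \
    "id:10001,\
    phase:1,\
    pass,\
    nolog,\
    ctl:ruleRemoveById=932130"

# Option 2 (assumed field name ARGS:description): keep rule 932130 active but
# stop it inspecting the one free-text form field that trips it.
SecRule REQUEST_URI "@beginsWith /ptickets" \
    "id:10002,\
    phase:1,\
    pass,\
    nolog,\
    ctl:ruleRemoveTargetById=932130;ARGS:description"

# Option 3: if the engine really has to be off for this path, anchor the match
# so the prefix does not swallow neighbouring URLs, use a local id, and keep
# "log" so the bypass stays visible in the audit log.
SecRule REQUEST_URI "@rx ^/ptickets($|[/?])" \
    "id:10003,\
    phase:1,\
    log,\
    allow,\
    ctl:ruleEngine=off"
```

Use only one of the three options; run `sudo nginx -t` before the reload, since an unbalanced quote or a duplicate rule id fails at load time rather than at request time.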

Thank you very much, I hope this post is useful. Give us some love!