Hello,
there is a server with cPanel and LiteSpeed with ModSecurity. For ModSecurity work apache-style config is used.
Is there any method to exclude some virtual domain? I mean the way to turn ModSecurity for one of domains off.
We tried to use:
SecRule SERVER_NAME "(?:.*\.)?www\.domain4demo\.com(?::80)?|(?:.*\.)?domain4demo\.com(?::80)?" "phase:1,nolog,noauditlog,allow,ctl:ruleEngine=Off,id:10001"
but it works for Apache only. Then we turned to LiteSpeed ModSecurity for domain4demo.com still works.
there is a server with cPanel and LiteSpeed with ModSecurity. For ModSecurity work apache-style config is used.
Is there any method to exclude some virtual domain? I mean the way to turn ModSecurity for one of domains off.
We tried to use:
SecRule SERVER_NAME "(?:.*\.)?www\.domain4demo\.com(?::80)?|(?:.*\.)?domain4demo\.com(?::80)?" "phase:1,nolog,noauditlog,allow,ctl:ruleEngine=Off,id:10001"
but it works for Apache only. Then we turned to LiteSpeed ModSecurity for domain4demo.com still works.