Request Filter

[Dani]

Is it possible to have a filter that looks at the url?

For example I want to deny everyone that tries to visit mydomain.com/*/include.php/*

so I created a rule with

action: log,deny,status:403,msg:'include.php attempt'

Rules Definition: SecFilter "include.php"


but it doesn't seem to have any effect?

 

[mistwang]

If you using Apache's httpd.conf, you have to set the rule in httpd.conf. And you can try "SecFilterSelective ...", please refer mod_security 1.9 documentation.

 

[Dani]

I had nothing before this so it's litespeed all the way. Is there another way maybe to do this other than using the request filter?