Answer by Barry Pollard for Modsecurity check REQUEST_URI without query...
You could use the REQUEST_FILENAME variable instead of REQUEST_URI.You are recommended not to directly edit the OWASP CRS rules themselves but instead to add extra rules to adjust them. This allows you...
View ArticleModsecurity check REQUEST_URI without query parameters
Currently, I am using Modsecurity XSS prevention, but I'm having a hard time understanding how exactly I can restrict what I'm checking for in the REQUEST_URI variable.My Example:## -=[ XSS Filters -...
View Article
More Pages to Explore .....