Configuration variables overwriting

51 views
Skip to first unread message

Systems Admin

unread,
Apr 27, 2023, 2:34:09 AM4/27/23
to ModSecurity Core Rule Set project
Hello,
I did not find in the documentation the recommended way to modify a variable, in my case it is tx.allowed_methods. What I would like is create or modify a conf file in /etc/modsecurity/... that will update the variable used in REQUEST-901-INITIALIZATION.conf (id 901160) without touching the REQUEST-901-INITIALIZATION.conf file.
I tried using REQUEST-900-EXCLUSION-RULES-BEFORE-CRS.conf without succes with SecRuleUpdateTargetById, most probably because I could not figure out the syntax.

Thank you for helping a newbie.

Patrick

Franziska Buehler

unread,
Apr 27, 2023, 3:16:58 AM4/27/23
to Systems Admin, ModSecurity Core Rule Set project
Hello Patrick

Please use your crs-setup.conf to set this variable:

Uncomment the rule and add your allowed methods.

Best,
Franziska
CRS Dev-on-Duty

--
You received this message because you are subscribed to the Google Groups "ModSecurity Core Rule Set project" group.
To unsubscribe from this group and stop receiving emails from it, send an email to modsecurity-core-rule-...@owasp.org.
To view this discussion on the web visit https://groups.google.com/a/owasp.org/d/msgid/modsecurity-core-rule-set-project/f4f88a5f-e30c-4a3b-9699-875d19923eb8n%40owasp.org.

Systems Admin

unread,
Apr 27, 2023, 3:48:18 AM4/27/23
to ModSecurity Core Rule Set project, Franziska Buehler, ModSecurity Core Rule Set project
Perfect,
Sorry for the basic question, it works perfectly.

Have a nice day

Franziska Buehler

unread,
Apr 27, 2023, 4:45:46 AM4/27/23
to Systems Admin, ModSecurity Core Rule Set project
Glad to hear that it works!
No need to say sorry. I'm happy to help! Everyone was a newbie at some point.

If you need more guides please take a look at https://coreruleset.org -> Documentation.
Or if you need help tuning the CRS check out the tuning tutorials by our co-lead Christian Folini at https://www.netnea.com/cms/tutorials/.

Have a great day too!
Franziska
Reply all
Reply to author
Forward
0 new messages