如何将此modsecurity规则限制为一个文件?

时间:2019-05-30 17:41:24

标签: mod-security mod-security2

我有下面的规则,我只想限制wp-login.php文件。有可能吗?

SecRule REQUEST_HEADERS:User-Agent“ @contains python-requests”“ id:1000000,t:none,t:lowercase,deny,nolog,msg:'BAD BOT-检测到并被阻止。'”

1 个答案:

答案 0 :(得分:0)

使用chained rules

SecRule REQUEST_URI "wp-admin.php" "chain,id:1000000,t:none,t:lowercase,deny,nolog,msg:'BAD BOT - Detected and Blocked. '"
    SecRule REQUEST_HEADERS:User-Agent "@contains python-requests" ",t:none,t:lowercase"