I want to set SecRule on /webmail I am using the below SecRule this is added in the server conf
modsecurity on
modsecurity_rules `
SecDebugLogLevel 0
SecAuditEngine on
SecRuleEngine On
SecRule REQUEST_URI "^/webmail" "id:99999,phase:1,deny,status:403"
`
modsecurity_rules_file /conf/path
but it does not work on /webmail for other URLs it works well.
on /webmail, I have set a proxy also use the below conf this is added in the virtual host file
RewriteCond %{REQUEST_URI} ^/webmail(\/*)
RewriteRule ^/(webmail)$ http://domain.com/$1/ [R=301]
RewriteRule ^/webmail(\/*)(.*) HTTP://mail_extraproc/mail/$2 [P,L,E=PROXY-HOST:domain.com]
I have created a new external app mail_extraproc
address 127.0.0.1:2002
can you check why this sec rule not working on /webmail
modsecurity on
modsecurity_rules `
SecDebugLogLevel 0
SecAuditEngine on
SecRuleEngine On
SecRule REQUEST_URI "^/webmail" "id:99999,phase:1,deny,status:403"
`
modsecurity_rules_file /conf/path
but it does not work on /webmail for other URLs it works well.
on /webmail, I have set a proxy also use the below conf this is added in the virtual host file
RewriteCond %{REQUEST_URI} ^/webmail(\/*)
RewriteRule ^/(webmail)$ http://domain.com/$1/ [R=301]
RewriteRule ^/webmail(\/*)(.*) HTTP://mail_extraproc/mail/$2 [P,L,E=PROXY-HOST:domain.com]
I have created a new external app mail_extraproc
address 127.0.0.1:2002
can you check why this sec rule not working on /webmail