I built a reverse proxy using mod_security on my system.
I ran into a problem when writing a rule for a specific website.
For example, I have 2 websites, a.com and b.com, and both of them have a parameter username.
If I want to deny the value abc on that parameter, my rule will be:
SecRule ARGS:username "@streq abc"
But I only want to deny the value abc on the parameter username at a.com, not b.com.
What should I do?
Thanks in advance :)

Two options:
1) Only add the rule to the vhost of a.com
2) Make it a chained rule which also checks this:
SecRule REQUEST_HEADERS:Host "@streq a.com" "phase:2,id:12345,deny,chain"
SecRule ARGS:username "@streq abc"
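
Both options from the answer above, written out as an added example that is not part of the original posts. The backend addresses, rule ids, status code and log messages are assumptions. The chained variant matches Host after lowercasing and with an optional port, because @streq only matches the exact string a.com.

```apache
# Option 1: scope the rule to a.com's virtual host.
# Backend addresses (127.0.0.1:8081 / :8082) and rule ids are assumed values.
<VirtualHost *:80>
    ServerName a.com
    SecRuleEngine On

    # Evaluated only for requests Apache routes to this vhost,
    # so b.com never sees this rule.
    SecRule ARGS:username "@streq abc" \
        "id:100001,phase:2,deny,status:403,log,msg:'username abc denied on a.com'"

    ProxyPass        / http://127.0.0.1:8081/
    ProxyPassReverse / http://127.0.0.1:8081/
</VirtualHost>

<VirtualHost *:80>
    ServerName b.com
    SecRuleEngine On
    # No username rule here: username=abc is accepted on b.com.

    ProxyPass        / http://127.0.0.1:8082/
    ProxyPassReverse / http://127.0.0.1:8082/
</VirtualHost>

# Option 2 (use instead of option 1, not together with it): one chained
# rule at server scope. The first rule carries the id, phase and the
# disruptive action; deny fires only if every rule in the chain matches.
# t:lowercase plus the optional :port group also cover "A.COM" and "a.com:8080".
SecRule REQUEST_HEADERS:Host "@rx ^a\.com(?::\d+)?$" \
    "id:100002,phase:2,deny,status:403,log,t:none,t:lowercase,chain,msg:'username abc denied on a.com'"
    SecRule ARGS:username "@streq abc"
```

With option 1 the decision follows Apache's own vhost selection, while option 2 depends on the client-supplied Host header value matching the pattern.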