Mod Security & phpMyAdmin's tbl_alter.php

LawsHosting

LawsHosting

Verified User
Joined
Sep 13, 2008
Messages
2,409
Location
London UK
This new rule is affecting this tbl_alter.php file
Code: 
SecRule TX:/^PM_SQLI_DATA_*/ "\bnvarchar\b"
so I thought I'd put this in .htaccess file
Code: 
<IfModule mod_security2.c>
<LocationMatch "/path_to_phpmyadmin/tbl_change.php">
SecRuleRemoveById 959050
</LocationMatch>
<LocationMatch "/path_to_phpmyadmin/sql.php">
SecRuleRemoveById 959050
</LocationMatch>
<LocationMatch "/path_to_phpmyadmin/tbl_alter.php">
SecRuleRemoveById 959050
</LocationMatch>
</IfModule>
however, I get a
Code: 
/var/www/html/.htaccess: <LocationMatch not allowed here
and a
Code: 
/var/www/html/.htaccess: SecRuleRemoveById not allowed here
if I remove the <LocationMatch> tags. Even tried putting them in the httpd.conf, same outcome.

I'm kind of stumped. Any insight?
 
Ok, after much pulling hair:

Code: 
SecRule REQUEST_URI "^/<path to phpmyadmin/" "phase:1,allow,ctl:ruleEngine=off"

at the end of the specific file worked.
 
You must log in or register to reply here.
Back
Top