Whitelisting a particular path

I would like to disable certain rules only if the path requested ends in /Settings.

I’m new to modsecurity and CWAF, but I have a smidgen of Apache experience.

Server is running Ubuntu 14.04.4 LTS.
apache2 config is at /etc/apache2/
CWAF is at /usr/local/cwaf/ in standalone mode (no GUI plugins).

I’m able to successfully disable and enable rules, on a global basis, using the cwaf-cli.pl script. And I’m getting plenty of good logs for the system in its default state – what should be detected is being detected.

I just need help on how to set it up so that only a particular path will disable a rule.

Once that’s working, my next question is, can I switch a particular rule to DetectionOnly instead of disabling it?


You can exclude rules for all and try to turn them on with directive
But we didn’t check this settings.
About second question… I’m not sure of it’s possibility.

You can do the following:

<LocationMatch "/Settings">
SecRuleEngine Off


<LocationMatch "/Settings">
SecRuleRemoveById 200000–299999

As LocationMatch accepts regular expression - you can specify complex cases.