Knowledgebase: dotDefender for Apache
Apache - How to exclude a page from being scanned for a specific rule
Posted by - NA -, Last modified by on 27 July 2009 12:16 PM
  1. Logon to the dotDefender Admin panel
  2. Select the "Settings" button for the site you wish to exclude the rule for the specific page. If the site's operation mode is set to "Use Default", edit the Default Profile or set the operation mode to "Protection" in order to manage a separate rule set for the specified site.
  3. In the Configuration page, select the category in which the rule resides
  4. Scroll to the bottom of the page
  5. In the bottom, starting on the left, select the following from the dropdown menus: "SecFilterSelective" and "Request_URI", type the exclusion expression in the following format: !(/path/to/page/to/exclude) and click the ADD button.
  6. After the page refreshes, scroll down to the rule which has just been created.
  7. Click on the "Move Up" arrow next to the rule until it appears right below the rule to be excluded for the page.
  8. In the rule to be excluded, select the Chain option from the dropdown menu on the right and click the Save button.
  9. Click the Index button to return to the main page and click the Refresh Settings button for settings to take effect.
Example: To exclude the -- (Classic SQL Comment) rule for the URL the following should appear:

# Classic SQL Comment "--"
(892 vote(s))
This article was helpful
This article was not helpful

Comments (0)
Post a new comment
Full Name:
CAPTCHA Verification 
Please enter the text you see in the image into the textbox below. This is required to prevent automated registrations and form submissions.

Help Desk Software by Kayako