SecRuleRemoveById inside Apache virtual host
by mirawara from LinuxQuestions.org on (#6F228)
I have this apache configuration:
```
<LocationMatch "/pippo">
<IfModule security2_module>
SecRuleRemoveById 949110 941100
# SecRuleEngine On
</IfModule>
</LocationMatch>
```
In the modsecurity configuration file there is 'SecRuleEngine On". For any other location except '/pippo' Modsecurity blocks malicious requests, but for '/pippo' malicious requests are not blocked at all but only detected. Seems a bug, can you confirm or is there something I miss?
Thank you in advance.
```
<LocationMatch "/pippo">
<IfModule security2_module>
SecRuleRemoveById 949110 941100
# SecRuleEngine On
</IfModule>
</LocationMatch>
```
In the modsecurity configuration file there is 'SecRuleEngine On". For any other location except '/pippo' Modsecurity blocks malicious requests, but for '/pippo' malicious requests are not blocked at all but only detected. Seems a bug, can you confirm or is there something I miss?
Thank you in advance.