-## Begin - Generated by CARNet package mod-security-cn
+## Begin - Generated by CARNET package mod-security-cn
#
# REMOVE this whole block if you DON'T WANT mod-security-cn
# to edit your configuration file.
#
-## End - Generated by CARNet package mod-security-cn
+## End - Generated by CARNET package mod-security-cn
-<IfModule mod_security2.c>
+<IfModule security2_module>
- # Skip RBL lookup for localhost, 161.53.0.0/16, 193.198.0.0/16 and 82.132.0.0/17
- SecRule REMOTE_ADDR "^(127\.0\.0\.1|161\.53\.\d{1,3}\.\d{1,3}|193\.198\.\d{1,3}\.\d{1,3}|82\.132\.(\d{1,2}|10\d{1}|11\d{1}|12[0-7]{1})\.\d{1,3})$" "phase:2,pass,nolog,t:none,skip:1"
+ # Skip RBL lookup for localhost, 161.53.0.0/16, 193.198.0.0/16,
+ # 192.84.91.0/24, 192.84.92.0/24, 192.84.105.0/24, 192.84.106.0/24,
+ # 31.147.0.0/16, 82.132.0.0/17 and 2001:b68::/32.
+ SecRule REMOTE_ADDR "!@rx ^(\:\:1|127\.0\.0\.1|161\.53\.\d{1,3}\.\d{1,3}|193\.198\.\d{1,3}\.\d{1,3}|192\.84\.(91|92|105|106)\.\d{1,3}|31\.147\.\d{1,3}\.\d{1,3}|82\.132\.(\d{1,2}|10\d{1}|11\d{1}|12[0-7]{1})\.\d{1,3}|2001\:b68\:.+)$" "phase:1,deny,log,id:99999,status:500,t:none,msg:'RBL: xbl.dnsbl-sh.carnet.hr',severity:CRITICAL,chain"
# RBL lookup using xbl.dnsbl-sh.carnet.hr
- SecRule REMOTE_ADDR "@rbl xbl.dnsbl-sh.carnet.hr" "phase:2,deny,log,status:500,t:none,msg:'RBL: xbl.dnsbl-sh.carnet.hr',severity:'1'"
+ SecRule REMOTE_ADDR "@rbl xbl.dnsbl-sh.carnet.hr"
</IfModule>
projects / mod-security-cn.git / blobdiff