We can redirect the user to a specific page when a specific rule get triggered. We can achieve this by directly modifying the original rule or by writing a custom rule which will update the actions of rules. The better way is to write a custom rule which will update the actions of a rule. A modsecurity directive "SecRuleUpdateActionById" will be used.
Syntax: SecRuleUpdateActionById
Example below:
#nano custom_rule_AV_redirect.conf
SecRuleUpdateActionById 950115 "redirect:http://www.technology.com/"
Here, Rule ID 950115 is an ID of modsecurity_crs_46_av_scanning.conf rule that is active.
We have to make symlink of this custom rule into the activation_rules directory of
/usr/share/modsecurity-crs/ .
Redirecting all 403 status
If you want to set up the default redirection to all the 403 status coming through modsecurity then you can simple use "ErrorDocument" directive of Apache in the configuration file of your site in /etc/apache2/sites-enabled/
Syntax: ErrorDocument
Example:
ErrorDocument 403 https://www.owasp.org
Syntax: SecRuleUpdateActionById
Example below:
#nano custom_rule_AV_redirect.conf
SecRuleUpdateActionById 950115 "redirect:http://www.technology.com/"
Here, Rule ID 950115 is an ID of modsecurity_crs_46_av_scanning.conf rule that is active.
We have to make symlink of this custom rule into the activation_rules directory of
/usr/share/modsecurity-crs/ .
Redirecting all 403 status
If you want to set up the default redirection to all the 403 status coming through modsecurity then you can simple use "ErrorDocument" directive of Apache in the configuration file of your site in /etc/apache2/sites-enabled/
Syntax: ErrorDocument
Example:
ErrorDocument 403 https://www.owasp.org
No comments:
Post a Comment