I am testing modsecurity for the first time and am trying to understand writing the rules.
Currently I am trying to limit a sample rule to a specific directory.
The setup is modsecurity 2.1.3/Apache 2.x/Fedora.
My php sample page lives in 2 directories: /protected & /virgin
if ( isset($_GET['attack']) )
echo "who me??";
My rules config looks like this currently which does not work, but I have also tried the <Directory> and the regular <Location> directives with no luck. If I comment out the <LocationMatch> </LocationMatch> lines the rule works just fine. I've seen other pre-made rules use the LocationMatch directive so I don't know what I'm doing wrong. Any ideas?
# Drop your local rules in here.
# Sample test rule
SecRule ARGS "attack" "log,deny,phase:1,redirect:http://www.example.com"