[prev in list] [next in list] [prev in thread] [next in thread] 

List:       mod-security-users
Subject:    [mod-security-users] Allowing only a specific IP to login for
From:       Avery Tarasov <atarasov () hushmail ! com>
Date:       2011-08-14 20:26:21
Message-ID: 4E482F6D.8040701 () hushmail ! com
[Download RAW message or body]

Hi Team,

I am trying to make it so only a specific IP address 5.5.5.5 can login 
with specific usernames (admin or test) in the POST data of a login script:

 From .htaccess file:

SecRule REQUEST_URI "^\/login\.php\?do=login" chain
SecRule ARG_vb_login_username ((test)|(admin)) chain
SecRule REMOTE_ADDR !^5\.5\.5\.5$


I have tried the above rule and many other variations but can't seem to 
figure out how to accomplish this.

Please advise.

Best Regards,

-Avery


------------------------------------------------------------------------------
FREE DOWNLOAD - uberSVN with Social Coding for Subversion.
Subversion made easy with a complete admin console. Easy 
to use, easy to manage, easy to install, easy to extend. 
Get a Free download of the new open ALM Subversion platform now.
http://p.sf.net/sfu/wandisco-dev2dev
_______________________________________________
mod-security-users mailing list
mod-security-users@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/mod-security-users
ModSecurity Services from Trustwave's SpiderLabs:
https://www.trustwave.com/application-security.php
[prev in list] [next in list] [prev in thread] [next in thread]