php - Apache2 ModSecurity2 does not work (Ubuntu 14.04)
The rules at modsecurity_crs_43_csrf_protection.conf are looking for a CSRF attack; however, the one you are trying to execute is not CSRF.
You could try this:
- Remove Include
Include /usr/share/modsecurity-crs/optional_rules/*.conf
from your /etc/apache2/mods-enabled/security2.conf (I guess you are using Ubuntu).
- Create a ruleset in
- Include this rule in that file
SecRule REQUEST_URI "secret" "phase:1,t:none,log,deny,id:'9000070001',msg:'Malicious content blocked'"
sudo service apache2 restart
Try to hit the same URL from your browser, watch the /var/log/apache2/modsec_audit.log and let me know how it goes.
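
Added example, not part of the original answer: one way to confirm from modsec_audit.log that rule 9000070001 fired and the request was intercepted. It assumes the serial (single-file) audit log format; the sample log, the [file] path and the function names are constructed for illustration.

```python
import re

# Constructed serial-format audit log (sample data; the [file] path is a placeholder).
SAMPLE_LOG = """\
--a1b2c3d4-A--
[01/Jan/2015:10:00:00 +0000] VKUAAH8AAQEAAAxx 192.0.2.10 51234 192.0.2.1 80
--a1b2c3d4-B--
GET /index.php?page=secret HTTP/1.1

--a1b2c3d4-H--
Message: Access denied with code 403 (phase 1). Pattern match "secret" at REQUEST_URI. [file "/path/to/custom.conf"] [line "1"] [id "9000070001"] [msg "Malicious content blocked"]
Action: Intercepted (phase 1)

--a1b2c3d4-Z--
--e5f6a7b8-A--
[01/Jan/2015:10:00:05 +0000] VKUAAX8AAQEAAAyy 192.0.2.10 51235 192.0.2.1 80
--e5f6a7b8-B--
GET /index.php HTTP/1.1

--e5f6a7b8-H--
Server: Apache
--e5f6a7b8-Z--
"""

BOUNDARY = re.compile(r"^--([0-9a-fA-F]+)-([A-Z])--$")  # e.g. --a1b2c3d4-H--
RULE_ID = re.compile(r'\[id "(\d+)"\]')

def parse_audit_log(text):
    """Split the log into transactions, each a dict of section letter -> lines."""
    entries, section = [], None
    for line in text.splitlines():
        m = BOUNDARY.match(line)
        if m and m.group(2) == "A":          # section A opens a new transaction
            entries.append({})
        if m:                                # Z closes it; other letters switch section
            section = None if m.group(2) == "Z" or not entries else m.group(2)
            if section:
                entries[-1].setdefault(section, [])
        elif section:
            entries[-1][section].append(line)
    return entries

def rule_hits(text, rule_id):
    """(request line, intercepted?) for every transaction where rule_id fired."""
    hits = []
    for e in parse_audit_log(text):
        h = e.get("H", [])                   # section H holds the rule messages
        if any(rule_id in RULE_ID.findall(l) for l in h if l.startswith("Message:")):
            hits.append(((e.get("B") or [""])[0], any(l.startswith("Action: Intercepted") for l in h)))
    return hits
```

Against a real log, pass the contents of /var/log/apache2/modsec_audit.log to rule_hits; an empty result after requesting the URL means the rule file was not loaded or the rule did not match.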