
How to limit this modsecurity rule to one file?


I have this rule below, and I'd like to limit it to only wp-login.php files. Is it possible?

    SecRule REQUEST_HEADERS:User-Agent "@contains python-requests" "id:1000000,t:none,t:lowercase,deny,nolog,msg:'BAD BOT - Detected and Blocked. '"


Solution

  • Use chained rules:

    # Chain: both conditions must match; id and the disruptive action belong on the first rule.
    SecRule REQUEST_URI "@contains wp-login.php" "chain,id:1000000,t:none,t:lowercase,deny,nolog,msg:'BAD BOT - Detected and Blocked. '"
        SecRule REQUEST_HEADERS:User-Agent "@contains python-requests" "t:none,t:lowercase"