我需要禁用/admin/
位置的 mod_security,这是我的虚拟主机的完整配置:
<VirtualHost *:443>
DocumentRoot /home/example/sites/example.com
ServerName example.com
ServerAlias www.example.com
UseCanonicalName Off
ErrorLog /usr/local/apache/domlogs/example.com.error.log
LogLevel trace8
SSLEngine on
SSLCertificateFile /etc/pki/tls/certs/example.com.cert
SSLCertificateKeyFile /etc/pki/tls/private/example.com.key
SSLCertificateChainFile /etc/pki/tls/certs/example.com.bundle
SetEnvIf User-Agent ".*MSIE.*" nokeepalive ssl-unclean-shutdown
<IfModule mod_userdir.c>
UserDir disabled
UserDir enabled /home/example/sites/example.com
</IfModule>
<IfModule mod_suphp.c>
suPHP_UserGroup example example
suPHP_ConfigPath /home/example
</IfModule>
<IfModule mod_ruid2.c>
RMode config
RUidGid example example
</IfModule>
<IfModule itk.c>
AssignUserID example example
</IfModule>
<Directory "/home/example/sites/example.com">
AllowOverride All
SSLRequireSSL
Require all granted
</Directory>
<Directory "/home/example/public_html">
AllowOverride All
SSLRequireSSL
Require all granted
</Directory>
<LocationMatch "^/admin/?.*"> # Here is trouble
<IfModule mod_security2.c>
SecRuleEngine Off
</IfModule>
</LocationMatch>
</VirtualHost>
ModSecurity 仍然不会让请求通过。日志不包含有关 LocationMatch 工作的任何信息。
怎么了?
系统信息:CentOS 7 上的 CWP 管理员。