Only allow certain users to a specific URI

The below rule is a chained rule to only allow certain usernames through a particular URI.  For this instance this was for /owa for MS exchange.  This rule is a relatively simple way to only allow certain AD users through to /owa using a custom WAF rule.

SecRule REQUEST_URI "owa" \

               "id:1005, \

               phase:2, \

               t:lowercase, \

               deny, \

               log, \

               msg:'Rule 1005',\


               SecRule ARGS:username "@rx ^(?!kevin|steve|paula)"\



You have to turn on inspect HTML POST content inside of advanced settings or this will not work. 

To test I did the following through CLI:

curl --data "username=nick"  

-This failed


curl --data "username=kevin"  



1 comment


Ruby Williams

Thanks for sharing this information..


Please to leave a comment.

Didn't find what you were looking for?