Hello all. I'm new here.
I'm a SysAdmin assistant at my university but I've grown in the area of mod_security to a point where there is no one above me that can help me within my university.
I've run into an issue with mod_security's @inspectFile directive.
What I'd like to do is have two scripts, one "reject-file.sh" script and one "scan-file.sh" script. By default, uploads to our server should be rejected unless specifically exempted, usually with a LocationMatch. However, if a location is exempted, uploaded scripts should be scanned with scan-file.sh. Currently I'm not able to achieve this. Here is what I have so far; can anyone assist me further?