Rule IDs
You can assign an ID number to each rule by using the id action:
SecRule ARGS "login" "deny,id:1000"
This allows the rule to be identified for use with:
SecRuleRemoveById (removes the rule from the current context)
SecRuleUpdateActionById (updates a rule's action list)
skipAfter:nn (an action: jump to after the rule with the ID specified)
The SecMarker directive should be mentioned here. Its purpose is to create a marker, which is essentially a rule with just an ID number, for use with the action skipAfter.
The following example checks to see if the ModSecurity version is at least 2.5, and skips over a set of rules in case an older version that may not support them is installed:
SecRule MODSEC_BUILD "@lt 020500000" "skipAfter:1024"
...
Rules requiring version >= 2.5
...
SecMarker 1024
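An added example, not from the original text: a small Python check that reads a rule file and reports duplicate rule IDs and skipAfter targets that have no rule ID or SecMarker later in the file. The sample rules and the function names are constructed for illustration; the check assumes one directive per line and ignores phases.

```python
import re
import shlex

# Constructed sample rule file (not from the page); one directive per line.
SAMPLE = """\
SecRule ARGS "login" "deny,id:1000"
SecRule MODSEC_BUILD "@lt 020500000" "skipAfter:1024"
SecRule ARGS "admin" "deny,id:1001"
SecMarker 1024
SecRule REQUEST_URI "test" "deny,id:1001"
SecRule ARGS "debug" "pass,skipAfter:2000"
"""

def action_value(actions, name):
    """Return the value of action `name` from a comma-separated action list."""
    match = re.search(r"(?:^|,)\s*%s:'?(\w+)" % re.escape(name), actions)
    return match.group(1) if match else None

def lint(config):
    """Return sorted (line_number, message) findings for IDs and skipAfter."""
    findings, first_seen, targets, jumps = [], {}, [], []
    for n, line in enumerate(config.splitlines(), 1):
        tokens = shlex.split(line, comments=True)
        if not tokens:
            continue
        if tokens[0] == "SecMarker" and len(tokens) > 1:
            targets.append((n, tokens[1]))  # a marker is a valid jump target
        elif tokens[0] in ("SecRule", "SecAction"):
            # SecRule VARIABLES OPERATOR [ACTIONS]; SecAction ACTIONS
            idx = 3 if tokens[0] == "SecRule" else 1
            actions = tokens[idx] if len(tokens) > idx else ""
            rule_id = action_value(actions, "id")
            if rule_id:
                if rule_id in first_seen:
                    findings.append((n, "duplicate id %s (first used on line %d)"
                                     % (rule_id, first_seen[rule_id])))
                first_seen.setdefault(rule_id, n)
                targets.append((n, rule_id))
            jump = action_value(actions, "skipAfter")
            if jump:
                jumps.append((n, jump))
    for n, jump in jumps:
        # The target must appear after the rule that jumps to it.
        if not any(t == jump and tn > n for tn, t in targets):
            findings.append((n, "skipAfter:%s has no later rule ID or SecMarker" % jump))
    return sorted(findings)

if __name__ == "__main__":
    for line_no, message in lint(SAMPLE):
        print("line %d: %s" % (line_no, message))
```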