方法一、SecRuleRemoveById 指令:通过Rule ID禁用指定规则
#waf whitelist
<LocationMatch .*>
SecRuleRemoveById 960017 #allow Host Header is a IP address
</LocationMatch>
方法二、SecRuleRemoveByMsg指令:通过Rule Msg禁用指定规则
#waf whitelist
<LocationMatch .*>
SecRuleRemoveByMsg "Host header is a numeric IP address"
</LocationMatch>
方法三、url加白 :对指定路径关闭WAF检测/或只记录不拦截
<LocationMatch /xss.php>
SecRuleEngine DetectionOnly
</LocationMatch>
原文:http://www.cnblogs.com/itfenqing/p/5409263.html