Change order to check ip first in both rules

fzipi · fzipi · commit 401bd6e88bda · 2019-10-07T16:56:24.000-03:00
diff --git a/rules/REQUEST-905-COMMON-EXCEPTIONS.conf b/rules/REQUEST-905-COMMON-EXCEPTIONS.conf
@@ -32,7 +32,7 @@ SecRule REQUEST_LINE "@streq GET /" \
 #
 # Exception for Apache internal dummy connection
 #
-SecRule REQUEST_HEADERS:User-Agent "@endsWith (internal dummy connection)" \
+SecRule REMOTE_ADDR "@ipMatch 127.0.0.1,::1" \
     "id:905110,\
     phase:1,\
     pass,\
@@ -43,7 +43,7 @@ SecRule REQUEST_HEADERS:User-Agent "@endsWith (internal dummy connection)" \
     tag:'platform-apache',\
     tag:'attack-generic',\
     chain"
-    SecRule REMOTE_ADDR "@ipMatch 127.0.0.1,::1" \
+    SecRule REQUEST_HEADERS:User-Agent "@endsWith (internal dummy connection)" \
         "t:none,\
         chain"
         SecRule REQUEST_LINE "@rx ^(?:GET /|OPTIONS \*) HTTP/[12]\.[01]$" \
