Nick Floersch wrote:
> Hi All!
> I installed mod security not so much for the security help, but in
> order to watch POSTs to my web application in my log files.
> Installation was easy enough. Activation was easy too. But this log
> entry doesn't seem very helpful. Why can't it show me the post payload
> or what does that even mean? I just want to see what the post query
You probably need to add "SecFilterScanPOST On" to your
configuration*. By default mod_security tries to be as
passive as possible.
(*) It is also possible for a request body to be missing if
the request contains a malformed multipart/form-data payload,
but that's *very* rare.
Apache Security (O'Reilly) - http://www.apachesecurity.net
Open source web application firewall - http://www.modsecurity.org