'SecFilterEngine' is a 1.9.x directive. You got it right and SecRuleEngine is the correct directive for ModSecurity 2.x. Sorry for the typo.

 

~ Ofer

 


From: mod-security-users-bounces@lists.sourceforge.net [mailto:mod-security-users-bounces@lists.sourceforge.net] On Behalf Of Dan Rossi
Sent: Monday, November 27, 2006 8:15 AM
To: Ivan Ristic
Cc: mod-security-users@lists.sourceforge.net
Subject: Re: [mod-security-users] mod-security-users Digest, Vol 6, Issue 22

 

Ivan Ristic wrote:

On 11/21/06, Dan Rossi <spam@electroteque.org> wrote:

Ivan Ristic wrote:
>
> It is documented and it works. However, "SecFilterInheritance"
> prevents the rules from being inherited from the parent context but it
> does nothing to the configuration options. The configuration settings
> are always inherited. If you want something different to happen just
> provide different configuration. So, in your case you could do
> something like:
>
> <Location /signup>
> SecFilterInheritance Off
> SecFilterForceByteRange 0 255
> </Location>
>

Ok what im saying here is, every rule set as default will have to be
overwritten as u have here, ie the ones we need to override for etc, so
mod sec cant be turned off per virtualhost for instance ?


Sure it can:

<VirtualHost whatever>
   SecFilterEngine Off
   SecAuditEngine Off
</VirtualHost>

Hi Ivan, i just put these rules  inside virtualhost for mod sec 2 and i get this

Invalid command 'SecFilterEngine', perhaps mis-spelled or defined by a module not included in the server configuration


if i do

SecRuleEngine Off
SecAuditEngine Off


its ok however for some of our zend encoded files something happens with the posts, i dont get any errors but it seems modsec is doing something even though ive turned if off in that path and redirects back to the file . I cant go into the code and look because its encoded and there is no log :\