I have seen the same documentation which i am following for the same version of modsecurity which i am trying to install.

http://www.modsecurity.org/documentation/modsecurity-apache/2.5.1/modsecurity2-apache-reference.html#installation

Kindly confirm if this is outdated.

Also the link which you have provided asks to configure the apache root path. This option was available in modsecurity 2.1.5 (last version i used) and is not available in modsec 2.5.1

Kindly confirm as i may be wrong.


Thanks,
Gaurav Pruthi


On Tue, Mar 25, 2008 at 6:08 PM, Ryan Barnett <Ryan.Barnett@breach.com> wrote:
You are using the older 1.x rules language.  Take a look at this section of the FAQ - http://www.modsecurity.org/documentation/faq.html#d0e216.
 


From: mod-security-users-bounces@lists.sourceforge.net [mailto:mod-security-users-bounces@lists.sourceforge.net] On Behalf Of Gaurav Pruthi
Sent: Tuesday, March 25, 2008 3:41 AM
To: mod-security-users@lists.sourceforge.net
Subject: [mod-security-users] ModSecurity Logging not working

Hi,

I am using Apache 2.2.6 with mod security 2.5.1. I have installed mod_security using the installation instrcutions given in the link below.


http://www.modsecurity.org/documentation/modsecurity-apache/2.5.1/html-multipage/installation.html


Mod_security compiled successfully. I also loaded module in httpd.conf

LoadFile /usr/lib/libxml2.so
LoadFile /usr/lib/liblua-5.1.so
LoadModule security2_module modules/mod_security2.so

My problem is that i am not getting any logs in modsecurity log file. Here is my modsecurity.conf file

<IfModule mod_security.c>

##### Configuration #####

SecFilterEngine On
SecFilterScanPost On
SecFilterCheckCookieFormat On
SecFilterNormalizeCookies On
SecFilterScanOutput On
SecFilterOutputMimeTypes "(null) text/html text/plain"

##### Validation #####

SecFilterCheckURLEncoding On
SecUploadDir /tmp
SecUploadKeepFiles Off
SecFilterCheckUnicodeEncoding Off
SecFilterForceByteRange 1 255
SecFilterDefaultAction "log,deny,status:404"

##### Logging #####

SecFilterDebugLog logs/modsec_debug.log
SecFilterDebugLevel 1
SecAuditEngine RelevantOnly
SecAuditLog logs/modsec_audit.log

</IfModule>


Also when i checked on the net regarding the same issue, i got the answer that i should use <IfModule mod_security2.c> instead of <IfModule mod_security.c>

But when i put <IfModule mod_security2.c> my apache don't starts at all. It gives me error

Starting httpd: Syntax error on line 5 of modsecurity.conf:
Invalid command 'SecFilterEngine', perhaps misspelled or defined by a module not included in the server configuration

I believe mod_security module is not working in my apache environment but unable to resolve the issue.


--
Gaurav Pruthi



--
Gaurav Pruthi