Re: [mod-security-users] Modsecurity - not writing any debug logs
Brought to you by:
victorhora,
zimmerletw
From: Fem R. <fem...@gm...> - 2015-01-20 16:38:46
|
I used Atomicorp aum to install the rules, is that what is causing the problems? On Tue, Jan 20, 2015 at 6:31 PM, Fem Rah <fem...@gm...> wrote: > This is my modsecurity configuration. I have given 777 permissions to the > debug log directory. > > SecStatusEngine On > SecRuleEngine On > SecRequestBodyAccess On > SecResponseBodyAccess On > SecResponseBodyMimeType (null) text/html text/plain text/xml > SecResponseBodyLimit 2621440 > SecServerSignature Apache > SecComponentSignature 201501191147 > SecUploadDir /var/asl/data/suspicious > SecUploadKeepFiles off > SecAuditEngine RelevantOnly > SecAuditLogRelevantStatus "^(?:5|4(?!04))" > SecAuditLogType Concurrent > #SecAuditLog /var/log/apache2//audit_log > #SecAuditLogParts ABIFHZ > SecAuditLogParts ABIDEFGHZ > SecAuditLog "|/usr/local/modsecurity/bin/mlogc /etc/mlogc.conf" > SecAuditLogStorageDir /var/log/mlogc/data > SecArgumentSeparator "&" > SecCookieFormat 0 > SecRequestBodyInMemoryLimit 131072 > SecDataDir /var/asl/data/msa > SecTmpDir /tmp > #SecAuditLogStorageDir /var/asl/data/audit > SecRequestBodyLimit 134217728 > SecResponseBodyLimitAction ProcessPartial > SecConnReadStateLimit 100 > SecConnWriteStateLimit 100 > SecRequestBodyNoFilesLimit 1048576 > SecRequestBodyInMemoryLimit 131072 > > SecAuditLogDirMode 0770 > SecPcreMatchLimit 150000 > SecPcreMatchLimitRecursion 150000 > SecInterceptOnError on > SecResponseBodyAccess on > SecDebugLog /home/fem/debug.log > SecDebugLogLevel 3 > > > On Tue, Jan 20, 2015 at 5:24 PM, Chaim Sanders <CSa...@tr...> > wrote: > >> Morning FemRah, >> >> The debug log location should be specified in your configuration files >> using commands similar to the following: >> >> >> >> # Debug log >> >> SecDebugLog /var/log/httpd/modsecurity/debug.log >> >> SecDebugLogLevel 4 >> >> >> >> If you do this and the log is not appearing ensure that permissions are >> properly configured for that directory such that the log file can be >> created. >> >> >> >> *Chaim Sanders* >> >> Security Researcher, SpiderLabs >> >> >> >> *Trustwave* | SMART SECURITY ON DEMAND >> >> *www.trustwave.com <http://www.trustwave.com/>* >> >> >> >> *From:* Fem Rah [mailto:fem...@gm...] >> *Sent:* Tuesday, January 20, 2015 8:23 AM >> *To:* mod...@li... >> *Subject:* [mod-security-users] Modsecurity - not writing any debug logs >> >> >> >> Hi, >> >> I installed modsecurity 2.8 on debian by building from source, but I can >> find any debug logs. What could be the reason? >> >> Thanks, >> >> FemRah >> >> ------------------------------ >> >> This transmission may contain information that is privileged, >> confidential, and/or exempt from disclosure under applicable law. If you >> are not the intended recipient, you are hereby notified that any >> disclosure, copying, distribution, or use of the information contained >> herein (including any reliance thereon) is strictly prohibited. If you >> received this transmission in error, please immediately contact the sender >> and destroy the material in its entirety, whether in electronic or hard >> copy format. >> >> >> ------------------------------------------------------------------------------ >> New Year. New Location. New Benefits. New Data Center in Ashburn, VA. >> GigeNET is offering a free month of service with a new server in Ashburn. >> Choose from 2 high performing configs, both with 100TB of bandwidth. >> Higher redundancy.Lower latency.Increased capacity.Completely compliant. >> http://p.sf.net/sfu/gigenet >> _______________________________________________ >> mod-security-users mailing list >> mod...@li... >> https://lists.sourceforge.net/lists/listinfo/mod-security-users >> Commercial ModSecurity Rules and Support from Trustwave's SpiderLabs: >> http://www.modsecurity.org/projects/commercial/rules/ >> http://www.modsecurity.org/projects/commercial/support/ >> >> > |