Caplan, Michael wrote:

To follow up on my previous email, I think I have worked out two of my issues.  For what it’s worth, I’m posting my resolution below:



Outbound filtering



[Caplan, Michael]


I guess I’m a dough head and didn’t properly refresh my apache configuration before testing.  It appears to be working correctly….





[Caplan, Michael]


FilterDeclare modsec CONTENT_SET

FilterProvider modsec modsecurity_out env=modsec-ignore !=1

FilterDeclare compress CONTENT_SET

FilterProvider compress DEFLATE Content-Type /^text.html|text.plain|text.xml|application.javascript|text.css/

FilterProtocol compress change=yes

FilterChain modsec compress



Seems to have done the trick.  Very nice.  Thanks to Brian Rectanus for this gem!

What order are you loading mod_deflate and mod_security2.  I've never had to do this in embedded mode - only in reverse proxy mode.



Still no luck on mlogc….

Take a look at this and see if it describes your issues as well:

I have yet to be able to duplicate this and would love it if we could get this problem resolved.  Please write up any comments there.








Thank you,

Brian Rectanus
Breach Security