Thank you for your response.

In other words this is not happening, right?


The method in which application namespaces are implemented is very simple. For normal

collections, the collection name is used to name the SDBM file in which its data will be

stored. For namespace-aware collections, the namespace is part of the name. Assuming the

configuration as in the above example, the data persistence directory may contain the following














From: Ryan Barnett []
Sent: Friday, March 22, 2013 3:51 PM
To: Volkov, Pavel
Subject: Re: [mod-security-users] WebAppID


These sdbm files are stored in the SecDataDir setting. The web app id is used to prevent collisions of data within that file.  This shouldn't be a problem unless the size limits of the sdbm file is reached. 


I haven't tested but you could try setting different SecDataDir directives in vhost containers. Not sure if you can do this though as I believe it is a global setting. 


Ryan Barnett


On Mar 22, 2013, at 12:45 PM, "Volkov, Pavel" <> wrote:

I am trying to split my user collections between the apps. I am using the SecWebAppId directive as mentioned in the documentation. I see my webapp info in the auditlog: (WebApp-Info: "pavel" "-" "-")

But it has no effect on the file structure. I still see that it uses the same user.dir file to store user info for me for all the apps. Any clues? What am I missing? I am using mod_security 2.6.8




Everyone hates slow websites. So do we.
Make your web apps faster with AppDynamics
Download AppDynamics Lite for free today:

mod-security-users mailing list
Commercial ModSecurity Rules and Support from Trustwave's SpiderLabs:


This transmission may contain information that is privileged, confidential, and/or exempt from disclosure under applicable law. If you are not the intended recipient, you are hereby notified that any disclosure, copying, distribution, or use of the information contained herein (including any reliance thereon) is STRICTLY PROHIBITED. If you received this transmission in error, please immediately contact the sender and destroy the material in its entirety, whether in electronic or hard copy format.