On Wed, Jan 30, 2013 at 11:29 AM, Eric MY Wong <ericmywong@gmail.com> wrote:
I made use of security scanning tools for auditing, why the scanning with SecRuleEngine "DetectionOnly" took more time than  "On" option?

Hi Eric,

Depending on your configuration, having SecRuleEngine enabled (On) will stop a request on the first rule it matches while having SecRuleEngine in DetectionOnly mode will allow the request to traverse to all of your configured rules, which will take longer.
 
--
 - Josh

------------------------------------------------------------------------------
Everyone hates slow websites. So do we.
Make your web apps faster with AppDynamics
Download AppDynamics Lite for free today:
http://p.sf.net/sfu/appdyn_d2d_jan
_______________________________________________
mod-security-users mailing list
mod-security-users@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/mod-security-users
Commercial ModSecurity Rules and Support from Trustwave's SpiderLabs:
http://www.modsecurity.org/projects/commercial/rules/
http://www.modsecurity.org/projects/commercial/support/