Yes, enabled debug log level 9 but in the case of requesting the text/html document the rule doesn't even get evaluated (nothing in debug log for that rule).

On Thu, Feb 21, 2013 at 11:39 AM, Ryan Barnett <> wrote:
Did you turn up debug log to 9, test and review it?

Ryan Barnett
Lead Security Researcher
Trustwave - SpiderLabs

On Feb 20, 2013, at 5:37 PM, "Ben WIlliams" <> wrote:

> Please can someone verify if this is a bug in modsecurity or just my installation.
> SecResponseBodyAccess On
> SecResponseBodyMimeType text/plain text/html text/xml
> SecResponseBodyLimit 524288
> SecResponseBodyLimitAction ProcessPartial
> SecAction "phase:3,log,pass,msg:'phase3isWorking',id:'1500000'"
> Request a resource that returns content type text/html and the above rule does not run.
> Request a resource that returns content type image/png image/jpeg etc and rule runs ok.
> Thanks
> Ben
> ------------------------------------------------------------------------------
> Everyone hates slow websites. So do we.
> Make your web apps faster with AppDynamics
> Download AppDynamics Lite for free today:
> _______________________________________________
> mod-security-users mailing list
> Commercial ModSecurity Rules and Support from Trustwave's SpiderLabs:


This transmission may contain information that is privileged, confidential, and/or exempt from disclosure under applicable law. If you are not the intended recipient, you are hereby notified that any disclosure, copying, distribution, or use of the information contained herein (including any reliance thereon) is STRICTLY PROHIBITED. If you received this transmission in error, please immediately contact the sender and destroy the material in its entirety, whether in electronic or hard copy format.