On Thu, Jun 28, 2012 at 8:25 PM, Quinn Comendant <quinn@strangecode.com> wrote:
We have a system running mod_security-2.5.9-1.el5.x86_64, and would like to disable the messages that appear in apache's error_log. I see it is possible to disable the debug and audit log using SecDebugLogLevel=0 and SecAuditEngine=off, but cannot find how to disable logging to error_log. It seems possible to disable it using the nolog action on a per-rule basis, but I assume there must be a way to do this using one configuration variable rather than editing hundreds of rules. Adding nolog to SecFilterDefaultAction doesn't work of course because individual rules override the inheritance.

Hi Quinn,

Can you update your rules to use the block action which inherits the SecDefaultAction setting?

 - Josh



Live Security Virtual Conference
Exclusive live event will cover all the ways today's security and
threat landscape has changed and how IT managers can respond. Discussions
will include endpoint security, mobile security and the latest in malware
threats. http://www.accelacomm.com/jaw/sfrnl04242012/114/50122263/
mod-security-users mailing list
Commercial ModSecurity Rules and Support from Trustwave's SpiderLabs: