I have seen the same documentation which i am following for the same version of modsecurity which i am trying to install.


Kindly confirm if this is outdated.

Also the link which you have provided asks to configure the apache root path. This option was available in modsecurity 2.1.5 (last version i used) and is not available in modsec 2.5.1

Kindly confirm as i may be wrong.

Gaurav Pruthi

On Tue, Mar 25, 2008 at 6:08 PM, Ryan Barnett <Ryan.Barnett@breach.com> wrote:
You are using the older 1.x rules language.  Take a look at this section of the FAQ - http://www.modsecurity.org/documentation/faq.html#d0e216.

From: mod-security-users-bounces@lists.sourceforge.net [mailto:mod-security-users-bounces@lists.sourceforge.net] On Behalf Of Gaurav Pruthi
Sent: Tuesday, March 25, 2008 3:41 AM
To: mod-security-users@lists.sourceforge.net
Subject: [mod-security-users] ModSecurity Logging not working


I am using Apache 2.2.6 with mod security 2.5.1. I have installed mod_security using the installation instrcutions given in the link below.


Mod_security compiled successfully. I also loaded module in httpd.conf

LoadFile /usr/lib/libxml2.so
LoadFile /usr/lib/liblua-5.1.so
LoadModule security2_module modules/mod_security2.so

My problem is that i am not getting any logs in modsecurity log file. Here is my modsecurity.conf file

<IfModule mod_security.c>

##### Configuration #####

SecFilterEngine On
SecFilterScanPost On
SecFilterCheckCookieFormat On
SecFilterNormalizeCookies On
SecFilterScanOutput On
SecFilterOutputMimeTypes "(null) text/html text/plain"

##### Validation #####

SecFilterCheckURLEncoding On
SecUploadDir /tmp
SecUploadKeepFiles Off
SecFilterCheckUnicodeEncoding Off
SecFilterForceByteRange 1 255
SecFilterDefaultAction "log,deny,status:404"

##### Logging #####

SecFilterDebugLog logs/modsec_debug.log
SecFilterDebugLevel 1
SecAuditEngine RelevantOnly
SecAuditLog logs/modsec_audit.log


Also when i checked on the net regarding the same issue, i got the answer that i should use <IfModule mod_security2.c> instead of <IfModule mod_security.c>

But when i put <IfModule mod_security2.c> my apache don't starts at all. It gives me error

Starting httpd: Syntax error on line 5 of modsecurity.conf:
Invalid command 'SecFilterEngine', perhaps misspelled or defined by a module not included in the server configuration

I believe mod_security module is not working in my apache environment but unable to resolve the issue.

Gaurav Pruthi

Gaurav Pruthi