Re: [mod-security-users] Installing
Brought to you by:
victorhora,
zimmerletw
Menu
▾
▴
Re: [mod-security-users] Installing
|
From: Ivan R. <iva...@gm...> - 2010-03-02 20:54:15
|
On Tue, Mar 2, 2010 at 8:43 PM, Berlington Barnett <bba...@ya...> wrote:
> Thank you very much.
>
> Just one more doubt.
>
> In the httpd.conf only write something like:
>
> SecRuleEngine On
> SecDefaultAction
> log,auditlog,deny,status:403,phase:2,t:lowercase,t:replaceNulls,t:compressWhitespace
>
> SecAuditEngine RelevantOnly
> SecAuditLogType Serial
> SecAuditLog logs/mod_security2.log
>
>
> without brackets or something else???
No brackets needed. However, it is not recommended to use
transformation functions in SecDefaultAction
("t:lowercase,t:replaceNulls,t:compressWhitespace"). That may lead to
errors that are very difficult to track down. Each rule should specify
its own transformation functions.
--
Ivan Ristic
ModSecurity Handbook [http://www.modsecurityhandbook.com]
SSL Labs [https://www.ssllabs.com/ssldb/]
|