[mod-security-users] block and redirect?
From: Scott G. <sc...@pa...> - 2012-01-03 18:01:16
I'm trying to get ModSecurity 2.6 going on Apache 2.21 under Linux. It
mostly works. This is my basic example:
<IfModule security2_module>
SecRuleEngine On
SecRequestBodyAccess On
SecResponseBodyAccess Off
SecPcreMatchLimit 150000
SecPcreMatchLimitRecursion 150000
SecRequestBodyLimit 131072
SecRequestBodyInMemoryLimit 131072
SecResponseBodyLimit 524288
SecUploadKeepFiles Off
SecAuditEngine RelevantOnly
SecAuditLogRelevantStatus ^5
SecAuditLogParts ABIFHZ
SecAuditLogType Serial
SecAuditLog /usr/apache/logs/modsec_audit.log
SecDebugLog /usr/apache/logs/modsec.log
SecDebugLogLevel 1
SecRule REQUEST_URI badurltest
SecDefaultAction "phase:2,log,auditlog,deny,redirect:http://www.site.com/412.html"
</IfModule>
When I go to a URL like http://www.site.com/index.html?badurltest it
triggers a log entry like this:
[Mon Jan 02 23:23:02 2012] [error] [client 173.238.123.32] ModSecurity:
Warning. Pattern match "badurltest" at REQUEST_URI. [file "httpd.conf"]
[line "66"] [hostname "www.site.com"] [uri "/test/modsec.html"]
[unique_id "TwKCpkMXBksAAANyKWkAAAAA"]
But the page modsec.html still comes up. How do I stop this? I would
like to redirect to a web page explaining to the visitor what happened
with redirect: which worked in modsec 1.9. modsec.html should never
come up.
Thanks for any help.
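
An added example, not part of the original post: in ModSecurity 2.x a SecDefaultAction is inherited only by rules that follow it in the same configuration context, and when an action list holds several disruptive actions only the last one takes effect. The fragment below reorders the two directives from the post on that basis; the `id` values are constructed placeholders.

```apache
<IfModule security2_module>
    SecRuleEngine On

    # As posted: the rule comes before SecDefaultAction, so it inherits the
    # built-in default (phase:2,log,auditlog,pass) and only logs "Warning.".
    #   SecRule REQUEST_URI badurltest
    #   SecDefaultAction "phase:2,log,auditlog,deny,redirect:http://www.site.com/412.html"

    # Reordered: defaults first, with a single disruptive action (redirect).
    SecDefaultAction "phase:2,log,auditlog,redirect:http://www.site.com/412.html"

    # This rule now inherits the redirect from the SecDefaultAction above.
    # id:1000 is a constructed value; ModSecurity 2.7 and later require an id.
    SecRule REQUEST_URI "badurltest" "id:1000"

    # Alternative: put the action on the rule itself, independent of defaults.
    # SecRule REQUEST_URI "badurltest" \
    #     "id:1001,phase:2,log,auditlog,redirect:http://www.site.com/412.html"
</IfModule>
```

With either form, a match should be logged as an intercepted request rather than as "Warning.", which is the quickest check that the disruptive action is being applied.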