[mod-security-users] About SecDefaultAction
Brought to you by:
victorhora,
zimmerletw
Menu
▾
▴
[mod-security-users] About SecDefaultAction
|
From: Ehsan M. <ehs...@gm...> - 2014-08-22 13:12:27
|
Hi,
I have a rule like this: SecRule "variable" "condition" "phase:1,block,...
Following the CRS10 example(2.2.9) I have two consecutive default actions
like this:
SecDefaultAction "phase:1,deny,log"
SecDefaultAction "phase:2,deny,log"
I need to know:
1. Are both SecDefaultActions are working or just the latter one?
2. If the answer of above question is NO and If the rule matches, will
modsecurity deny the transaction? (I ask because the rule performs in
phase:1 and the latter SecDefaultAction is defined over the 2nd phase).
--
regards
Ehsan.Mahdavi
|
