[Mod-security-rules] modsecurity rule
Brought to you by:
victorhora,
zimmerletw
From: Prakash K. <pra...@ne...> - 2016-02-24 05:40:19
|
I have following rule in my /usr/local/apache/conf/modsec2.user.conf file: SecGeoLookupDb /usr/share/geoip/GeoLiteCity.dat SecRule REMOTE_ADDR "@geoLookup" "phase:1,id:'11111',t:none,pass,log,noauditlog" I think this is right but when I see /usr/local/apache/logs/error_log I see following error: [Sat Feb 20 02:04:23.469432 2016] [:error] [pid 15993] [client 93.189.102.202] ModSecurity: Warning. Geo lookup for "93.189.102.202" succeeded. [file "/usr/local/apache/conf/modsec2.user.conf"] [line "13"] [id "11111"] [hostname "somesite.com"] [uri "/css/bootstrap.min.css"] [unique_id "Vsd4y55FgooAAD55TBcAAAAK"] Anyone know what I am doing wrong here? PS: I have disabled full modsec logging. |