Re: [mod-security-users] Supressing Warning (chained rule)" in the log ?
Brought to you by:
victorhora,
zimmerletw
Menu
▾
▴
Re: [mod-security-users] Supressing Warning (chained rule)" in the log ?
|
From: Ivan R. <iv...@we...> - 2005-11-03 10:31:16
|
Ivan Ristic wrote: > Steffen wrote: > >> Searched in the docu, but could not find an answer. >> >> It it possible not to log in the Apache error.log the "Warning >> (chained rule)" entries? >> >> eg.: >> >> [Thu Oct 20 10:09:16 2005] [error] [client 63.196.49.252] >> mod_security: Warning (chained rule). Pattern match "!^(GET|HEAD)$" at >> REQUEST_METHOD [hostname "www.apachelounge.com"] [uri "/mail/web.cgi"] > > You should be able to add "nolog" to the rule to supress it. But this approach has some unexpected side-effects. If a rule after the one with "nolog" triggers the request will not be recorded in the audit log. Although further attempts can be made (with "auditlog") to restore this functionality, I have decided to simply move the above warning to level 3 (from level 1). This works as of 1.9RC4. I don't expect any more RC releases so maybe you should not upgrade to 1.9RC4. 1.9 stable will be released over the weekend. -- Ivan Ristic Apache Security (O'Reilly) - http://www.apachesecurity.net Open source web application firewall - http://www.modsecurity.org |
