|
From: Hans M. <mo...@ma...> - 2024-11-03 22:02:47
|
Dear All, I am using Apache/2.4.62 on Debian with the modsecurity-crs package which is Producer ModSecurity for Apache/2.9.7 and I am using a clone of https://github.com/coreruleset/coreruleset.git In the default Apache virtual host definition I have the following settings: <IfModule security2_module> SecAction "id:10102,phase:1,drop,nolog,noauditlog" </IfModule> This works fine till Rule Set OWASP_CRS/3.3.7 All requests are dropped and no log is generated. Also older versions than 3.3.7 are doing the job well. Recently I changed to OWASP_CRS/4.9.0-dev I realised that this rule isn't working as before. It still drops the requests but "nolog" or "noauditlog" isn't working, so to say, I get log entries which I don't want to have. I checked out version 4.0, it's still the same. To switch back to latest version of 3 is an easy and fast step but maybe there is a way to do the same with version 4. Any ideas where I can look deeper into this issue ? Any help would be appreciated. Kind regards Hans -- |
