Re: [mod-security-users] that dummy thing again
Brought to you by:
victorhora,
zimmerletw
From: Filip H. <fi...@jo...> - 2007-06-08 21:06:05
|
On 8.6.2007, at 16:31, Ryan Barnett wrote: > There is already a Core Rule for this issue in the protocol > anomalies file. I would just update the RegEx to include your NIC > alias address. > Yes, it shows I might just need to do that. I was really trying to avoid touching the rule set files at all, because I will need them on several machines in embedded mode and want to keep the automated updates as clean as possible. On a more general note - is there any way to make the warnings not show up in the error log? I do have "SecAuditEngine RelevantOnly" and thought a "nolog" action should prevent the match from appearing from both the error and audit logs? So this should not appear in the logs, or am I missing something? SecRule REQUEST_URI "^/$" "chain,skip:4" SecRule REMOTE_ADDR "^127\.0\.0\.1$" "chain" SecRule REQUEST_HEADERS:User-Agent "^Apache.*\(internal dummy connection\)$" "t:none,nolog" Filip |