Ivan Ristic wrote:
> Steffen wrote:
>
>> Searched in the docu, but could not find an answer.
>>
>> It it possible not to log in the Apache error.log the "Warning
>> (chained rule)" entries?
>>
>> eg.:
>>
>> [Thu Oct 20 10:09:16 2005] [error] [client 63.196.49.252]
>> mod_security: Warning (chained rule). Pattern match "!^(GET|HEAD)$" at
>> REQUEST_METHOD [hostname "www.apachelounge.com"] [uri "/mail/web.cgi"]
>
> You should be able to add "nolog" to the rule to supress it.
But this approach has some unexpected side-effects. If a rule
after the one with "nolog" triggers the request will not be
recorded in the audit log. Although further attempts can be
made (with "auditlog") to restore this functionality, I have
decided to simply move the above warning to level 3 (from
level 1). This works as of 1.9RC4.
I don't expect any more RC releases so maybe you should not
upgrade to 1.9RC4. 1.9 stable will be released over the weekend.
--
Ivan Ristic
Apache Security (O'Reilly) - http://www.apachesecurity.net
Open source web application firewall - http://www.modsecurity.org
|
