I'm new to modSecurity and recently installed on a Solaris 10 machine to
serve as a reverse proxy to protect an IIS hosted site. I installed the
core rule set and am trying to validate modSecurity is setup properly
and is functional.
How can I tell if modSecurity is actively analyzing traffic on the
reverse proxy? I see the Apache access log being updated with the
traffic being sent to the real IIS site behind the proxy, but I don't
the modsec_debug.log or modsec_audit.log being updated.
Do I need to use "SecRuleInheritance" to apply the core rules to the
virtual server setup as the reverse proxy?
Any other tips or ideas for testing to make sure the implementation are
working are greatly appreciated. Thanks for your help!
This email and the information included in this transmission are privileged and confidential and intended only for the recipient listed above. If you are not the intended recipient, please advise the sender immediately by reply e-mail and delete this message and any attachments without retaining a copy. If you are not the intended recipient, you are hereby notified that any disclosure, copying or distribution of this message, or the taking of any action based upon it, is strictly prohibited. Although this email and any attachments are believed to be free of any virus or other defects which might affect any computer or IT system into which they are received, neither Escalate Retail nor any of its affiliates shall be liable for any loss or damage arising in any way from the receipt or use thereof.
Get latest updates about Open Source Projects, Conferences and News.