[Owasp-modsecurity-core-rule-set] A Recommended Base Configuration - SecRuleEngine
Ryan Barnett
RBarnett at trustwave.com
Fri Apr 1 11:36:16 EDT 2011
Reference Manual:
http://sourceforge.net/apps/mediawiki/mod-security/index.php?title=Reference_Manual#SecRuleEngine
Current setting:
# Enable ModSecurity, attaching it to every transaction. Use detection
# only to start with, because that minimises the chances of post-installation
# disruption.
#
SecRuleEngine DetectionOnly
Rationale:
When first adding in ModSecurity, you want to minimize any disruptions to traffic until you get a handle on how your configs/rules will respond to your traffic. This setting allows SecRules to trigger events but not take any disruptive actions.
More information about the Owasp-modsecurity-core-rule-set
mailing list