[Owasp-modsecurity-core-rule-set] A Recommended Base Configuration - SecRuleEngine
RBarnett at trustwave.com
Fri Apr 1 11:36:16 EDT 2011
# Enable ModSecurity, attaching it to every transaction. Use detection
# only to start with, because that minimises the chances of post-installation
When first adding in ModSecurity, you want to minimize any disruptions to traffic until you get a handle on how your configs/rules will respond to your traffic. This setting allows SecRules to trigger events but not take any disruptive actions.
More information about the Owasp-modsecurity-core-rule-set