[Owasp-modsecurity-core-rule-set] A Recommended Base Configuration - SecRuleEngine

Ryan Barnett RBarnett at trustwave.com
Fri Apr 1 11:36:16 EDT 2011


Reference Manual:
http://sourceforge.net/apps/mediawiki/mod-security/index.php?title=Reference_Manual#SecRuleEngine

Current setting:

# Enable ModSecurity, attaching it to every transaction. Use detection
# only to start with, because that minimises the chances of post-installation
# disruption.
#
SecRuleEngine DetectionOnly


Rationale:
When first adding in ModSecurity, you want to minimize any disruptions to traffic until you get a handle on how your configs/rules will respond to your traffic.  This setting allows SecRules to trigger events but not take any disruptive actions.



More information about the Owasp-modsecurity-core-rule-set mailing list