[Owasp-modsecurity-core-rule-set] changing default page

Josh Amishav-Zlatin jamuse at owasp.org
Thu Jul 17 09:14:23 UTC 2014

On Thu, Jul 17, 2014 at 11:16 AM, Sabin Ranjit <think.sabin at gmail.com>

> hi, i want to change the default page that get displayed when modsecurity
> detects the sql injection attack or any other attacks like xss. how can i
> do that?
Hi Sabin,

ModSecurity does not display a page when a SQLi attack is detected, the
response you see is defined in the underlying web server. For example, if
you use Apache and define ModSec to block attacks using a 403 response, you
could use the Apache ErrorDocument directive to customize the server

 - Josh

> thanks
> regards,
> sabin
> _______________________________________________
> Owasp-modsecurity-core-rule-set mailing list
> Owasp-modsecurity-core-rule-set at lists.owasp.org
> https://lists.owasp.org/mailman/listinfo/owasp-modsecurity-core-rule-set
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.owasp.org/pipermail/owasp-modsecurity-core-rule-set/attachments/20140717/14bf1ac3/attachment.html>

More information about the Owasp-modsecurity-core-rule-set mailing list