[Owasp-modsecurity-core-rule-set] SecRuleEngine mode
jroback at gmail.com
Fri Jul 17 14:26:16 UTC 2015
So you're claiming that while your conf file clearly states that
SecRuleEngine is "On", your audit.log indicates your in "DETECTION_ONLY"
On Tue, Jul 14, 2015 at 7:22 PM Bill Miller <wbmilleriii at comcast.net> wrote:
> My modsecurity.conf starts like this
> # Enable ModSecurity, attaching it to every transaction. Use detection
> # only to start with, because that minimises the chances of
> # disruption.
> SecRuleEngine On
> But all messages in modsec_audit.log contain this string:
> Engine-Mode: "DETECTION_ONLY"
> I have grep'd for other instances of SecRuleEngine being set, but have
> not found any.
> What am I doing wrong?
> Thanks for your help.
> Owasp-modsecurity-core-rule-set mailing list
> Owasp-modsecurity-core-rule-set at lists.owasp.org
-------------- next part --------------
An HTML attachment was scrubbed...
More information about the Owasp-modsecurity-core-rule-set