Article:  |
Introducing mod_security | |
| Subject: | mod_security2 and SecRule | |
| Date: | 2006-10-31 08:55:03 | |
| From: | ivanr | |
|
Response to: mod_security2 and SecRule
|
||
| Hmm, your configuration works for me here. Can I suggest you try two things? First upgrade to 2.0.4-dev1 and try again. If that does not work please join us on the mod-security-users mailing list (see here https://lists.sourceforge.net/lists/listinfo/mod-security-users). | ||
Showing messages 1 through 1 of 1.
-
Re: My SecRule does not work on mod_security2.c
2006-11-02 07:31:07 monicat [View]
<IfModule mod_security2.c>
#
# Basic configuration options
#
# Server masking is optional
SecServerSignature "Microsoft-IIS/5.0"
# Maximum request body size we will
# accept for buffering
SecRequestBodyAccess On
SecRequestBodyLimit 131072
# Store up to 128 KB in memory
SecRequestBodyInMemoryLimit 131072
# Buffer response bodies of up to
# 512 KB in length
SecResponseBodyAccess Off
SecResponseBodyLimit 524288
# Debug log
SecDebugLog logs/modsec_debug.log
SecDebugLogLevel 9
# The audit engine works independently and
# can be turned On of Off on the per-server or
# on the per-directory basis
SecAuditEngine RelevantOnly
SecAuditLogRelevantStatus ^5
SecAuditLogParts ABIFHZ
SecAuditLogType Serial
# The name of the audit log file
SecAuditLog logs/modsec_audit.log
# Default action set
SecDefaultAction "deny,log,auditlog,status:403"
# Turn on Rule Engine
SecRuleEngine On
SecRule REQUEST_URI dirty
# Refuse to accept POST requests that do
# not specify request body length
# SecRule REQUEST_METHOD ^POST$ chain
# SecRule REQUEST_HEADER:Content-Length ^$
</IfModule>
Any help is appreciated.
- Monicat