diff options
Diffstat (limited to 'sca-cpp/trunk/modules/http/mod-security-conf')
-rwxr-xr-x | sca-cpp/trunk/modules/http/mod-security-conf | 13 |
1 files changed, 10 insertions, 3 deletions
diff --git a/sca-cpp/trunk/modules/http/mod-security-conf b/sca-cpp/trunk/modules/http/mod-security-conf index a1373906fd..fdc4d8e24d 100755 --- a/sca-cpp/trunk/modules/http/mod-security-conf +++ b/sca-cpp/trunk/modules/http/mod-security-conf @@ -46,7 +46,7 @@ cat >$root/conf/mod-security.conf <<EOF # Generated by: mod-security-conf $* # Enable mod-security rules SecRuleEngine On -SecDefaultAction "phase:2,pass,log" +SecDefaultAction "phase:2,pass,nolog,auditlog" #SecDebugLog $root/logs//modsec_debug_log #SecDebugLogLevel 3 @@ -100,12 +100,12 @@ SecResponseBodyLimitAction ProcessPartial SecTmpDir $root/tmp/ SecDataDir $root/tmp/ -# Enable mod-security audit +# Enable mod-security audit log SecAuditEngine RelevantOnly SecAuditLogRelevantStatus "^(?:5|4(?!04))" SecAuditLogParts ABIJDEFHKZ SecAuditLogType Serial -SecAuditLog $root/logs/modsec_audit_log +Include conf/mod-security-log.conf # Use & as application/x-www-form-urlencoded parameter separator SecArgumentSeparator & @@ -188,3 +188,10 @@ Include ${modsecurity_prefix}/optional_rules/modsecurity_crs_47_skip_outbound_ch Include ${modsecurity_prefix}/optional_rules/modsecurity_crs_55_application_defects.conf EOF +# Configure audit logging +cat >$root/conf/mod-security-log.conf <<EOF +# Generated by: mod-security-conf $* +SecAuditLog $root/logs/modsec_audit_log + +EOF + |