Removes modsecurity audit log and rules 910* and 901*
This commit is contained in:
parent
cfb87a7b65
commit
9f2727f55f
|
@ -18,7 +18,7 @@ SecUploadKeepFiles Off
|
||||||
# default action
|
# default action
|
||||||
SecDefaultAction "log,auditlog,deny,status:406,phase:2"
|
SecDefaultAction "log,auditlog,deny,status:406,phase:2"
|
||||||
|
|
||||||
SecAuditEngine RelevantOnly
|
SecAuditEngine Off
|
||||||
#SecAuditLogRelevantStatus "^[45]"
|
#SecAuditLogRelevantStatus "^[45]"
|
||||||
# use only one log file
|
# use only one log file
|
||||||
SecAuditLogType Serial
|
SecAuditLogType Serial
|
||||||
|
@ -45,4 +45,13 @@ SecRule REQUEST_FILENAME "modsecuritytest1" "id:1"
|
||||||
SecRule REQUEST_URI "modsecuritytest2" "id:2"
|
SecRule REQUEST_URI "modsecuritytest2" "id:2"
|
||||||
SecRule REQUEST_FILENAME "(?:n(?:map|et|c)|w(?:guest|sh)|cmd(?:32)?|telnet|rcmd|ftp)\.exe" "id:3"
|
SecRule REQUEST_FILENAME "(?:n(?:map|et|c)|w(?:guest|sh)|cmd(?:32)?|telnet|rcmd|ftp)\.exe" "id:3"
|
||||||
|
|
||||||
|
Include /usr/share/modsecurity-crs/owasp-crs.load
|
||||||
|
|
||||||
|
# Removed because it does not play well with apache-itk
|
||||||
|
SecRuleRemoveById "901000-901999"
|
||||||
|
|
||||||
|
# Removed because IP reputation based blocking is hard to predict
|
||||||
|
# and reason about
|
||||||
|
SecRuleRemoveById "910000-910999"
|
||||||
|
|
||||||
</IfModule>
|
</IfModule>
|
||||||
|
|
Loading…
Reference in a new issue