* [gentoo-user] ModSecurity: Status engine is currently disabled, enable it by set SecStatusEngine to On.
@ 2020-12-19 1:20 thelma
2020-12-19 2:51 ` Jigme Datse
0 siblings, 1 reply; 3+ messages in thread
From: thelma @ 2020-12-19 1:20 UTC (permalink / raw
To: Gentoo mailing list
ModSecurity is installed:
APACHE2_OPTS="-D DEFAULT_VHOST -D INFO -D SSL -D SSL_DEFAULT_VHOST -D LANGUAGE -D PHP -D SECURITY"
In which file I have to enable "SecStatusEngine On" ?
^ permalink raw reply [flat|nested] 3+ messages in thread
* Re: [gentoo-user] ModSecurity: Status engine is currently disabled, enable it by set SecStatusEngine to On.
2020-12-19 1:20 [gentoo-user] ModSecurity: Status engine is currently disabled, enable it by set SecStatusEngine to On thelma
@ 2020-12-19 2:51 ` Jigme Datse
2020-12-19 18:26 ` thelma
0 siblings, 1 reply; 3+ messages in thread
From: Jigme Datse @ 2020-12-19 2:51 UTC (permalink / raw
To: gentoo-user
On Fri, 18 Dec 2020 18:20:44 -0700
thelma@sys-concept.com wrote:
> ModSecurity is installed:
> APACHE2_OPTS="-D DEFAULT_VHOST -D INFO -D SSL -D SSL_DEFAULT_VHOST -D
> LANGUAGE -D PHP -D SECURITY"
>
> In which file I have to enable "SecStatusEngine On" ?
>
>
Not worked with Apache for a bit, but I think this is needed in your
Apache configuration. Though I'm not sure if it's per virtual server
or if it's a global option.
If this isn't helpful, I'm just sitting here waiting for stuff to
happen, and saw your message, and just thought I'd look to see if I can
maybe help.
^ permalink raw reply [flat|nested] 3+ messages in thread
* Re: [gentoo-user] ModSecurity: Status engine is currently disabled, enable it by set SecStatusEngine to On.
2020-12-19 2:51 ` Jigme Datse
@ 2020-12-19 18:26 ` thelma
0 siblings, 0 replies; 3+ messages in thread
From: thelma @ 2020-12-19 18:26 UTC (permalink / raw
To: gentoo-user
On 12/18/2020 07:51 PM, Jigme Datse wrote:
> On Fri, 18 Dec 2020 18:20:44 -0700
> thelma@sys-concept.com wrote:
>
>> ModSecurity is installed:
>> APACHE2_OPTS="-D DEFAULT_VHOST -D INFO -D SSL -D SSL_DEFAULT_VHOST -D
>> LANGUAGE -D PHP -D SECURITY"
>>
>> In which file I have to enable "SecStatusEngine On" ?
>>
>>
>
> Not worked with Apache for a bit, but I think this is needed in your
> Apache configuration. Though I'm not sure if it's per virtual server
> or if it's a global option.
>
> If this isn't helpful, I'm just sitting here waiting for stuff to
> happen, and saw your message, and just thought I'd look to see if I can
> maybe help.
>
Looking at FAQ in:
https://github.com/SpiderLabs/ModSecurity/wiki/ModSecurity-Frequently-Asked-Questions-(FAQ)
Should I initially set the SecRuleEngine to On?
No. Every Ruleset can have false positive in new environments and any
new installation should initially use the log only Ruleset version or if
no such version is available, set ModSecurity to Detection only using
the SecRuleEngine DetectionOnly command. After running ModSecurity in a
detection only mode for a while review the evens generated and decide if
any modification to the rule set should be made before moving to
protection mode.
^ permalink raw reply [flat|nested] 3+ messages in thread
end of thread, other threads:[~2020-12-19 18:26 UTC | newest]
Thread overview: 3+ messages (download: mbox.gz follow: Atom feed
-- links below jump to the message on this page --
2020-12-19 1:20 [gentoo-user] ModSecurity: Status engine is currently disabled, enable it by set SecStatusEngine to On thelma
2020-12-19 2:51 ` Jigme Datse
2020-12-19 18:26 ` thelma
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox