ModSecurity™ Configuration
Posted by Matthew Jeffels, Last modified by Matthew Jeffels on 15 September 2016 01:14 PM

This section allows you to configure a number of ModSecurity's global settings.

Audit Log Level

ModSecurity Options

This option allows you to decide what you log in terms of transactions carried out by the server. A transaction is where a visitor requests a web page from your server and your server responds, either by providing the page or an error code.

Log all transactions; This will log every transaction, which can be heavy on server memory usage.

Do not log any transactions; This will not log any transactions.

Only log noteworthy transactions; This will only log the transactions that have created an error or warning. As a result, it won't fill up the memory with successful transactions and keeps only those that can be of use.

Connections Engine

This allows you to configure the connections engine, which controls how the SecConnReadStateLimit and SecConnWriteStateLimit directives are handled.

Process the rules; This will process SecConn[Read|Write]StateLimit.

Do not process the rules; This causes the engine to ignore the directives SecConn[Read|Write]StateLimit.

Process the rules in verbose mode, but do not execute disruptive actions; This causes the engine to process SecConn[Read|Write]StateLimit definitions in verbose mode but never executes any disruptive actions.

Rules Engine

This option allows you to configure ModSecurity's rule engine.

Process the rules; Causes the engine to process the rules.

Do not process the rules; Causes the engine to not process rules.

Process the rules in verbose mode, but do not execute disruptive actions; The engine will process rules but will never execute a disruptive action (block, deny, drop, allow, proxy and redirect).

Backend Compression

This section allows you to enable or disable backend compression. This is only required if you are going to be using your server in reverse proxy mode.

Geolocation Database

This allows you to define the path to the database that will be used for geolocation lookups.

Google Safe Browsing Database

This allows you to define the path to the database that will be used for Google Safe Browsing. 

Guardian Log

This allows you to configure an external program that is responsible for receiving data about all transactions.

Project Honey Pot Http:BL API Key

This allows you to enter your registered Project Honey Pot Http:BL API key to use with the @rbl operator.

Perl Compatible Regular Expressions Library Match Limit

This setting allows you to set the match_limit as a means of preventing the Perl Compatible Regular Expressions Library from using up a vast amount of resources when running patterns that are not going to match, but which have a very large number of possibilities in their search trees.

Perl Compatible Regular Expressions Library Match Limit Recursion

The Match Limit Recursion field is similar to Match Limit, but instead of limiting the total number of times that match() is called, it limits the depth of recursion. The recursion depth is a smaller number than the total number of calls, because not all calls to match() are recursive. This limit is of use only if it is set smaller than match_limit.
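To check the values these options produce, the following added example (not part of the original article or of cPanel's tooling) audits a ModSecurity configuration for the engine modes and PCRE limits described above. The directive names are from the ModSecurity 2.x reference manual; their mapping to the options on this page and the sample configuration are assumptions of the example.

```python
import re

# Directive names come from the ModSecurity 2.x reference manual; mapping them
# to the WHM options on this page is an assumption of this example.
ENGINES = {
    "SecRuleEngine": {"on", "off", "detectiononly"},
    "SecConnEngine": {"on", "off", "detectiononly"},
    "SecAuditEngine": {"on", "off", "relevantonly"},
}
DIRECTIVE = re.compile(r"^\s*(Sec\w+)\s+(\S+)", re.IGNORECASE)

def parse(conf_text):
    """Return {lowercased directive: last value seen}, skipping comments."""
    settings = {}
    for line in conf_text.splitlines():
        m = DIRECTIVE.match(line)  # comment lines start with '#', so never match
        if m:
            settings[m.group(1).lower()] = m.group(2).strip('"').lower()
    return settings

def audit(conf_text):
    """Return findings for the engine modes and PCRE limits in conf_text."""
    s, findings = parse(conf_text), []
    for name, allowed in ENGINES.items():
        value = s.get(name.lower())
        if value is not None and value not in allowed:
            findings.append(f"{name}: invalid value {value!r}")
    if s.get("secruleengine") == "off":
        findings.append("SecRuleEngine Off: rules are not processed")
    elif s.get("secruleengine") == "detectiononly":
        findings.append("SecRuleEngine DetectionOnly: disruptive actions never run")
    if s.get("secauditengine") == "off":
        findings.append("SecAuditEngine Off: no transactions are logged")
    try:
        limit = int(s["secpcrematchlimit"])
        depth = int(s["secpcrematchlimitrecursion"])
    except (KeyError, ValueError):
        return findings  # one or both limits unset or not numeric
    if depth >= limit:
        findings.append("SecPcreMatchLimitRecursion >= SecPcreMatchLimit: no effect")
    return findings

# Constructed sample configuration, not taken from a real server.
SAMPLE = """\
SecRuleEngine DetectionOnly
SecAuditEngine RelevantOnly
SecPcreMatchLimit 1500
SecPcreMatchLimitRecursion 1500
"""
```

Calling `audit(SAMPLE)` reports that the rule engine is in detection-only mode and that the recursion limit is not smaller than the match limit.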

Once you have made any changes, remember to click Save.

Thanks

Matt Jeffels
PAC Web Hosting
