Posted by Matthew Jeffels, Last modified by Matthew Jeffels on 15 September 2016 01:14 PM
This section allows you to configure a number of ModSecurity's global settings.
Audit Log Level
This option allows you to decide what you log in terms of transactions carried out by the server. A transaction is where a visitor requests a web page from your server and your server responds, either by providing the page or an error code.
Log all transactions; This will log all transactions, this can be heavy on server memory usage.
Do not log any transactions; This will not log any transactions.
Only log noteworthy transactions; This will only log the transactions that have created an error or warning. As a result it wont fill up the memory with successful transactions and only those that can be of use.
This allows you to configure the connection engine and affects the SecConnReadStateLimit and SecConnWriteStateLimit.
Process the rules; This will process SecConn[Read|Write]StateLimit.
Do not process the rules; This causes the engine to ignore the directives SecConn[Read|Write]StateLimit.
Process the rules in verbose mode, but do not execute disruptive actions; This causes the engine to process SecConn[Read|Write]StateLimit definitions in verbose mode but never executes any disruptive actions.
This option allows you to configure ModSecurity's rule engine.
Process the rules; Causes the engine to process the rules.
Do not process the rules; Causes the engine to not process rules.
Process the rules in verbose mode, but do not execute disruptive actions; The engine will process rules but will never execute a disruptive action (block, deny, drop, allow, proxy and redirect).
This section allows you to enable or disable backend compression. This is only required if you are going to be using your server in reverse proxy mode.
This allows you to define the path to the database that will be used for geolocation lookups.
Google Safe Browsing Database
This allows you to define the path to the database that will be used for Google Safe Browsing.
This allows you to configure an external program that is responsible for receiving data about all transactions
Project Honey Pot Http:BL API Key
This allows you to enter your registered Honeypot Project HTTP BL API Key to use with @rbl.
Perl Compatible Regular Expressions Library Match Limit
This setting allows you to set the match_limit as a means of preventing the Perl Compatible Regular Expressions Library from using up a vast amount of resources when running patterns that are not going to match, but which have a very large number of possibilities in their search trees.
Perl Compatible Regular Expressions Library Match Limit Recursion
The Match Limit Recursion field is similar to Match Limit, but instead of limiting the total number of times that match() is called, it limits the depth of recursion. The recursion depth is a smaller number than the total number of calls, because not all calls to match() are recursive. This limit is of use only if it is set smaller than match_limit.
Once you have made any changes remember to click save.