[Owasp-modsecurity-core-rule-set] SecRuleEngine mode

Bill Miller Tue, 14 Jul 2015 16:28:13 -0700

Hello,
My modsecurity.conf starts like this

# Enable ModSecurity, attaching it to every transaction. Use detection

# only to start with, because that minimises the chances ofpost-installation

# disruption.
#
SecRuleEngine On



But all messages in modsec_audit.log contain this string:

Engine-Mode: "DETECTION_ONLY"

I have grep'd for other instances of SecRuleEngine being set, but havenot found any.


What am I doing wrong?

Thanks for your help.
Bill


_______________________________________________
Owasp-modsecurity-core-rule-set mailing list
Owasp-modsecurity-core-rule-set@lists.owasp.org
https://lists.owasp.org/mailman/listinfo/owasp-modsecurity-core-rule-set

[Owasp-modsecurity-core-rule-set] SecRuleEngine mode

Reply via email to