> On 18 May 2016, at 05:05, T. Kenneth Lojo (IRRI) <t.l...@irri.org> wrote: > > Where do I set the anomaly limit?
"modsecurity_crs_10_setup.conf" handles anomaly limit by default. Look out for rule ID 900003 with variables "tx.inbound_anomaly_score_level=5” and "tx.outbound_anomaly_score_level=4”. The actual blocking is done by “modsecurity_crs_49_inbound_blocking.conf" and “modsecurity_crs_59_outbound_blocking.conf” respectively. Cheers, Noël
signature.asc
Description: Message signed with OpenPGP using GPGMail
_______________________________________________ Owasp-modsecurity-core-rule-set mailing list Owasp-modsecurity-core-rule-set@lists.owasp.org https://lists.owasp.org/mailman/listinfo/owasp-modsecurity-core-rule-set
