Re: [Owasp-modsecurity-core-rule-set] How can I use directive SecRuleRemoveById on web.config

2014-08-25 Thread Felipe Costa
Hi Andrei, The directive pointed out by Ronald, SecRuleRemoveById, should work on IIS the same way it does on Apache. Check in your ModSecurity installation directory; there is this modsecurity_iis.conf. The modsecurity_iis.conf includes other configuration files, including modsecurity.conf and

Re: [Owasp-modsecurity-core-rule-set] inbound_anomaly_score_level - Only send critical events

2014-08-25 Thread Wesley Render
I was just wanting to follow up. Is anyone able to confirm the proper logging settings when using ModSecurity, and sending the logs out via mlogc to AuditConsole? Should we have our modsecurity_crs_10_setup.conf SecDefaultAction lines set to the following?
SecDefaultAction phase:1,pass,nolog