From 550fa2b0a405e9bda6e2d82a1e423396a7ffdaa8 Mon Sep 17 00:00:00 2001
From: Jerome Charaoui <jcharaoui@cmaisonneuve.qc.ca>
Date: Mon, 4 Jan 2010 15:26:24 -0500
Subject: add $mod_security_relevantonly flag, enabled by default, logs only on
 suspicious requests, set to 'false' to log all requests (as before)

---
 templates/vhosts/passenger/passenger.erb | 8 ++++++++
 1 file changed, 8 insertions(+)

(limited to 'templates/vhosts/passenger')

diff --git a/templates/vhosts/passenger/passenger.erb b/templates/vhosts/passenger/passenger.erb
index 41b903b..2c23dce 100644
--- a/templates/vhosts/passenger/passenger.erb
+++ b/templates/vhosts/passenger/passenger.erb
@@ -39,7 +39,11 @@
     <IfModule mod_security2.c>
         <%- if mod_security.to_s == 'true' then -%>
         SecRuleEngine On
+        <%- if mod_security_relevantonly.to_s == 'true' then -%>
+        SecAuditEngine RelevantOnly
+        <%- else -%>
         SecAuditEngine On
+        <%- end -%>
         <%- else -%>
         SecRuleEngine Off
         SecAuditEngine Off
@@ -92,7 +96,11 @@
     <IfModule mod_security2.c>
         <%- if mod_security.to_s == 'true' then -%>
         SecRuleEngine On
+        <%- if mod_security_relevantonly.to_s == 'true' then -%>
+        SecAuditEngine RelevantOnly
+        <%- else -%>
         SecAuditEngine On
+        <%- end -%>
         <%- else -%>
         SecRuleEngine Off
         SecAuditEngine Off
-- 
cgit v1.2.3