From 550fa2b0a405e9bda6e2d82a1e423396a7ffdaa8 Mon Sep 17 00:00:00 2001 From: Jerome Charaoui Date: Mon, 4 Jan 2010 15:26:24 -0500 Subject: add $mod_security_relevantonly flag, enabled by default, logs only on suspicious requests, set to 'false' to log all requests (as before) --- templates/vhosts/php_simplemachine/php_simplemachine.erb | 8 ++++++++ 1 file changed, 8 insertions(+) (limited to 'templates/vhosts/php_simplemachine') diff --git a/templates/vhosts/php_simplemachine/php_simplemachine.erb b/templates/vhosts/php_simplemachine/php_simplemachine.erb index 72f7b38..ddb59ed 100644 --- a/templates/vhosts/php_simplemachine/php_simplemachine.erb +++ b/templates/vhosts/php_simplemachine/php_simplemachine.erb @@ -51,7 +51,11 @@ <%- if mod_security.to_s == 'true' then -%> SecRuleEngine On + <%- if mod_security_relevantonly.to_s == 'true' then -%> + SecAuditEngine RelevantOnly + <%- else -%> SecAuditEngine On + <%- end -%> <%- else -%> SecRuleEngine Off SecAuditEngine Off @@ -116,7 +120,11 @@ <%- if mod_security.to_s == 'true' then -%> SecRuleEngine On + <%- if mod_security_relevantonly.to_s == 'true' then -%> + SecAuditEngine RelevantOnly + <%- else -%> SecAuditEngine On + <%- end -%> <%- else -%> SecRuleEngine Off SecAuditEngine Off -- cgit v1.2.3