本文深入探讨了ModSecurity的主要配置指令及其作用,包括参数分隔符、Cookie格式设置、持久存储文件夹设置等,并详细解释了如何通过日志开关来控制交易日志的记录,提供了一个关于交易相关错误和警告的日志记录策略。
Main configuration directives
主要的有如下几个:
SecArgumentSeparator Sets the application/x-www-form-urlencoded parameter separatorSecCookieFormat Sets the cookie parser version
SecDataDir Sets the folder for persistent storage
SecRequestBodyAccess Controls request body buffering
SecRequestBodyInMemoryLimit Sets the size of the per-request memory buffer
SecRequestBodyLimit Sets the maximum request body size ModSecurity will accept
SecRequestBodyNoFilesLimit Sets the maximum request body size, excluding uploaded files
SecResponseBodyAccess Controls response body buffering
SecResponseBodyLimit Specifies the response body buffering limit
SecResponseBodyLimitAction Controls what happens once the response body limit is reached
SecResponseBodyMimeType Specifies a list of response body MIME types to inspect
SecResponseBodyMimeTypesClear Clears the list of response body MIME types
SecRuleEngine Controls the operation of the rule engine
SecTmpDir Sets the folder for temporary files
日志开关:
Our default configuration will use audit logging only for the transactions that are relevant,which means those that have had an error or a warning reported against them. Other possiblevalues for SecAuditEngine are On (log everything)
and Off (log nothing).
# Log only what is really necessary.
SecAuditEngine RelevantOnly
扫一扫
1854
被折叠的 条评论
为什么被折叠?
到【灌水乐园】发言
