ModSecurity™ Configuration
Home
/
Security Center
/
ModSecurity™ Configuration
»
Configure Global Directives
Configure Global Directives
This interface allows you to configure a number of global settings for ModSecurity™. For more information about each supported directive, you can review additional details using the links provided with each directive.
Save
Refresh
Audit Log Level
SecAuditEngine
This setting controls the behavior of the audit engine.
Only log noteworthy transactions.
-
Default
Recommended
Do not log any transactions.
-
Default
Log all transactions.
-
Default
Debug Only
Security Alert
: We strongly recommend that you do not select this option. This option causes Apache to log every transaction, including your users’ and clients’ private data. The resulting log files will fill your system’s file partitions quickly.
Connections Engine
SecConnEngine
This setting controls the behavior of the connections engine.
Process the rules.
-
Default
Do not process the rules.
-
Default
Process the rules in verbose mode, but do not execute disruptive actions.
-
Default
Connections Engine
SecConnEngine
This setting controls the behavior of the connections engine.
If the “SecConnEngine” directive does not appear in “modsec2.conf”, its default value is “Off”.
Rules Engine
SecRuleEngine
This setting controls the behavior of the rules engine.
Process the rules.
-
Default
Do not process the rules.
-
Default
Process the rules in verbose mode, but do not execute disruptive actions.
-
Default
Rules Engine
SecRuleEngine
This setting controls the behavior of the rules engine.
If the “SecRuleEngine” directive does not appear in “modsec2.conf”, its default value is “Off”.
Backend Compression
SecDisableBackendCompression
Disables backend compression while leaving the frontend compression enabled.
Disabled
-
Default
Enabled
-
Default
Backend Compression
SecDisableBackendCompression
Disables backend compression while leaving the frontend compression enabled.
If the “SecDisableBackendCompression” directive does not appear in “modsec2.conf”, its default value is “Off”.
Geolocation Database
SecGeoLookupDb
Specify a path for the geolocation database.
Geolocation Database
SecGeoLookupDb
Specify a path for the geolocation database.
Google Safe Browsing Database
SecGsbLookupDb
Specify a path for the Google Safe Browsing Database.
Google Safe Browsing Database
SecGsbLookupDb
Specify a path for the Google Safe Browsing Database.
Guardian Log
SecGuardianLog
Specify an external program to pipe transaction log information to for additional analysis. The syntax is analogous to the .forward file, in which a pipe at the beginning of the field indicates piping to an external program.
Guardian Log
SecGuardianLog
Specify an external program to pipe transaction log information to for additional analysis. The syntax is analogous to the .forward file, in which a pipe at the beginning of the field indicates piping to an external program.
Project Honey Pot Http:BL API Key
SecHttpBlKey
Specify a Project Honey Pot API Key for use with the @rbl operator.
Project Honey Pot Http:BL API Key
SecHttpBlKey
Specify a Project Honey Pot API Key for use with the @rbl operator.
Perl Compatible Regular Expressions Library Match Limit
SecPcreMatchLimit
Define the match limit of the Perl Compatible Regular Expressions library.
Perl Compatible Regular Expressions Library Match Limit
SecPcreMatchLimit
Define the match limit of the Perl Compatible Regular Expressions library.
Perl Compatible Regular Expressions Library Match Limit Recursion
SecPcreMatchLimitRecursion
Define the match limit recursion of the Perl Compatible Regular Expressions library.
Perl Compatible Regular Expressions Library Match Limit Recursion
SecPcreMatchLimitRecursion
Define the match limit recursion of the Perl Compatible Regular Expressions library.
Save
Refresh