modsecurity系列二:主文件配置
2016-04-19 15:03
375 查看
Main configuration directives
主要的有如下几个:
SecArgumentSeparator Sets the application/x-www-form-urlencoded parameter separator
SecCookieFormat Sets the cookie parser version
SecDataDir Sets the folder for persistent storage
SecRequestBodyAccess Controls request body buffering
SecRequestBodyInMemoryLimit Sets the size of the per-request memory buffer
SecRequestBodyLimit Sets the maximum request body size ModSecurity will accept
SecRequestBodyNoFilesLimit Sets the maximum request body size, excluding uploaded files
SecResponseBodyAccess Controls response body buffering
SecResponseBodyLimit Specifies the response body buffering limit
SecResponseBodyLimitAction Controls what happens once the response body limit is reached
SecResponseBodyMimeType Specifies a list of response body MIME types to inspect
SecResponseBodyMimeTypesClear Clears the list of response body MIME types
SecRuleEngine Controls the operation of the rule engine
SecTmpDir Sets the folder for temporary files
日志开关:
Our default configuration will use audit logging only for the transactions that are relevant,which means those that have had an error or a warning reported against them. Other possiblevalues for SecAuditEngine are On (log everything)
and Off (log nothing).
# Log only what is really necessary.
SecAuditEngine RelevantOnly
主要的有如下几个:
SecArgumentSeparator Sets the application/x-www-form-urlencoded parameter separator
SecCookieFormat Sets the cookie parser version
SecDataDir Sets the folder for persistent storage
SecRequestBodyAccess Controls request body buffering
SecRequestBodyInMemoryLimit Sets the size of the per-request memory buffer
SecRequestBodyLimit Sets the maximum request body size ModSecurity will accept
SecRequestBodyNoFilesLimit Sets the maximum request body size, excluding uploaded files
SecResponseBodyAccess Controls response body buffering
SecResponseBodyLimit Specifies the response body buffering limit
SecResponseBodyLimitAction Controls what happens once the response body limit is reached
SecResponseBodyMimeType Specifies a list of response body MIME types to inspect
SecResponseBodyMimeTypesClear Clears the list of response body MIME types
SecRuleEngine Controls the operation of the rule engine
SecTmpDir Sets the folder for temporary files
日志开关:
Our default configuration will use audit logging only for the transactions that are relevant,which means those that have had an error or a warning reported against them. Other possiblevalues for SecAuditEngine are On (log everything)
and Off (log nothing).
# Log only what is really necessary.
SecAuditEngine RelevantOnly
相关文章推荐
- 读modsecurity代码 ---发文于2015-5-6
- modsecurity系列一:简介
- Linux下Nginx+modsecurity安装手册
- modsecurity(尚不完善)
- Nginx+Modsecurity实现WAF
- Modsecurity白名单
- modsecurity系列五:白名单
- modsecurity系列四:规则实战2
- modsecurity系列四:规则实战1
- modsecurity系列三:规则3-Actions
- modsecurity系列三:规则2-Operators
- modsecurity系列三:规则1-Variables
- ubuntu安装ModSecurity
- ModSecurity配置关键字说明
- Linux下Nginx服务器配置Modsecurity实现Web应用防护系统
- Apache下ModSecurity的安装启用与配置
- 【client】与【offset】
- 采用MogoDB生成ID的策略
- Java对英文句子进行倒序排序
- VC回车键的使用 Edit内回车