2 – Mod Security Configurations
Once you open: https://<IP Address>:8090/firewall/modSecurity
You will see something like:
There are seven options, lets discuss them.
This is the only option controlled by OpenLiteSpeed web server, once you turn this off nothing related to ModSecurity will work, this should be turned On for ModSecurity to function.
ModSecurity can generate extensive logs for HTTP requests in the Audit log file, this option states weather you need extensive logging or not. You can read more details here.
Weather to process rules you have defined in the rules files or not, if
ModSecurity Status is turned off this option does not make any effects.
Levels of debug logs you need, 9 being the highest level of logging. More details here.
If `SecAuditEngine` is turned on you can decide here which parts of HTTP trasaction you want to be logged into audit log file, more details here.
Related to Audit logging more details here.
How Audit logging should be done, more details here.