2 – Mod Security Configurations

You are here:
< Back

Once you open: https://<IP Address>:8090/firewall/modSecurity

You will see something like:

 

 

There are seven options, lets discuss them.

ModSecurity Status

This is the only option controlled by OpenLiteSpeed web server, once you turn this off nothing related to ModSecurity will work, this should be turned On for ModSecurity to function.

SecAuditEngine

ModSecurity can generate extensive logs for HTTP requests in the Audit log file, this option states weather you need extensive logging or not. You can read more details here.

SecRuleEngine

Weather to process rules you have defined in the rules files or not, if ModSecurity Status is turned off this option does not make any effects.

SecDebugLogLevel

Levels of debug logs you need, 9 being the highest level of logging. More details here.

SecAuditLogParts

If `SecAuditEngine` is turned on you can decide here which parts of HTTP trasaction you want to be logged into audit log file, more details here.

SecAuditLogRelevantStatus

Related to Audit logging more details here.

SecAuditLogType

How Audit logging should be done, more details here.

Author's page
Cyber Panel