I have configured Mod Security on Apache 2.2.21 and i have successfully configured Mod Security Rules.The problem i am facing that if i configured a wrong Rule in Mod Security Rule configuration file than Apache server wouldn’t start up and i have two manually search for the Problematic Rule. Apache Error logs doesn’t give enough information about the error in Mod-Security Rule.And Mod Security audit logs are not relevant here as they are logging which Rule are trigger and why. Do i need to configure Apache Error logs and how?
I have configured Mod Security on Apache 2.2.21 and i have successfully configured Mod
Share
The logs won’t help you on startup, and that’s not just for modsecurity. In generally it just doesn’t connect to the log or write anything until the server is fully operational.
I would suggest you test your rules one by one in a single separate configuration file and only try to load that one file. You can do that on a test system, it’s pretty quick. Once fixed put in your complete setup and try a restart there. If that fails, then you have conflicts with other existing rules.