Question
Why aren't ModSecurity hits being logged in the modsec_audit/
directory?
Answer
ModSecurity adds information to the log files as the user when the mod_ruid2
and mod_mpm_itk
Apache modules are installed. This action causes the system to use more disk space. The system logs this information concurrently to the following directory, where username
represents the user’s username:
/etc/apache2/logs/modsec_audit/username
When the mod_ruid2
and mod_mpm_itk
Apache modules are not installed, the mod_security2
Apache module stores its log file in the /etc/apache2/logs/modsec_audit.log
file.
You can find more information on ModSecurity configuration details here:
Apache Module: ModSecurity - Configuration Details
Comments
0 comments
Article is closed for comments.