Question
Why aren't ModSecurity hits being logged in the modsec_audit/ directory?
Answer
ModSecurity adds information to the log files as the user when the mod_ruid2 and mod_mpm_itk Apache modules are installed. This action causes the system to use more disk space. The system logs this information concurrently to the following directory, where username represents the user’s username:
/etc/apache2/logs/modsec_audit/username
When the mod_ruid2 and mod_mpm_itk Apache modules are not installed, the mod_security2 Apache module stores its log file in the /etc/apache2/logs/modsec_audit.log file.
You can find more information on ModSecurity configuration details here:
Apache Module: ModSecurity - Configuration Details
Comments
0 comments
Article is closed for comments.