Are htaccess rules executed before modsecurity rules?
Sending illegal requests to couple of domains some of them trigger modsecurity but some of them with same illegal requests are not showing modsecurity forbidden message but 404 instead.
Asked
Active
Viewed 84 times
0
-
Which version of ModSecurity are you using? – airween Jan 05 '19 at 19:24
-
Version is 2.9.2 – titus Jan 06 '19 at 19:00
-
1It would be know more about your config, so I can't tell you more than set up the level to "debug" for error log, and try to catch the error... sorry. – airween Jan 07 '19 at 10:24
-
@airween I did not have error pages set in Apache properly. I am aware that this question is wide to answer in a simple maner. What I have concluded is that modsecurity is triggered before .htaccess. Thanks for your interest in my issue. – titus Jan 08 '19 at 10:34