Can mod_security be configured to create log only?

Question

I've installed mod_security on openSUSE and want to make it log only.

I want absolutely no blocking or filtering of any kind.

I've created a config file as:

SecAuditEngine On
SecAuditLog /siteA/user/logs/mod.log
SecAuditLogParts ABIZ

This is logging, but I've noticed some pages elements, CSS/JS etc, are being blocked.

How do I set this for logging only ?

Thanks

Did you find my answer useful? – Marco Jan 20 '20 at 19:57 — Marco, Jan 20 '20 at 19:57

score 1 · Answer 1 · answered Jan 15 '20 at 13:43

1

What you are looking for is SecRuleEngine DetectionOnly.

Edit your /etc/modsecurity/modesecurity.conf accordingly then restart your web server.

answered Jan 15 '20 at 13:43

Marco

1 Answers1