On Fri, Jul 06, 2012 at 12:07:21PM +0300, Teodor wrote: > Package: libapache2-modsecurity > Version: 2.6.6-2 > Severity: important > > Hi, > > By default all the rules from /etc/modsecurity/*.conf are activated by > this line in mods-available/mod-security.conf: > Include "/etc/modsecurity/*.conf" > > I'm proposing to remove the second paragraph completely because from my > experince enabling all these rules for all web sites will cause too much > noise in the log (like 99.9%) with entries like this:
"enabling all these rules" ??? Which rules? The package includes NO /etc/modsecurity/*.conf files. So none are included unless you create them. -- Alberto Gonzalez Iniesta | Formación, consultoría y soporte técnico agi@(inittab.org|debian.org)| en GNU/Linux y software libre Encrypted mail preferred | http://inittab.com Key fingerprint = 9782 04E7 2B75 405C F5E9 0C81 C514 AF8E 4BA4 01C3 -- To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org
