: How do I make Apache stop logging " ModSecurity: Access denied"? I have Apache set up on a Linux server and have mod_security enabled. I have a few lines that look like: SecRule REQUEST_URI

I have Apache set up on a Linux server and have mod_security enabled. I have a few lines that look like:

SecRule REQUEST_URI "^/*admin" drop,phase:1

Because there is no /admin on my website, and I don't want to waste the server resources to serve a 404 page to a bot or hacker.

I've noticed that whenever a page such as /admin is visited, I see in my Apache access logs that an HTTP 301 status with 0 bytes of content was returned (which is exactly what I want). However, I also get a ModSecurity: Access denied with connection close (phase 1). Pattern match "^/*admin" at REQUEST_URI. line in my Apache error logs.

Is there any way I can continue having mod_security append these connection drops to my access logs, but not append anything to my error logs?

10.01% popularity Vote Up Vote Down

: Google search results show my title incorrectly twice Does anyone know why Google shows my title twice in search results? And it's the wrong title too. Here's a screenshot:

@Tiffany637

Posted in: #GoogleSearch #Magento #Seo #Title

1 Comments

: How to implement hreflang on a single domain? Large amounts of a company's (English) content are duplicated across the following ccTLDs: example.co.uk example.com example.au example.ie example.co.nz

@Tiffany637

Posted in: #CountrySpecific #Hreflang #Internationalization #Language #TopLevelDomains

1 Comments

: Should I use rel="nofollow" for social media links? The question here is whether I'm passing juice to my Facebook, Yelp pages etc. I do want those pages to rank higher than those of competitors,

@Tiffany637

Posted in: #Nofollow

3 Comments

: Are there disadvantages an literal + instead of an encoded + (%2B) in an URL? A client of mine has a product ending with a plus-sign (e.g. Google+) and would like the webpage of this product

@Tiffany637

Posted in: #SearchEngines #Seo #Url #UrlEncoding

1 Comments

Login to post a comment!

1 Comments

Sorted by latest first Latest Oldest Best

@Nimeshi995

Make sure that you don't have log specified - from the documentation on ModSecurity:

Description: Indicates that a successful match of the rule needs to be logged.

Example:

SecAction phase:1,id:117,pass,initcol:ip=%{REMOTE_ADDR},log

This action will log matches to the Apache error log file and the
ModSecurity audit log.

Instead specify nolog:

Description: Prevents rule matches from appearing in both the error and audit logs.

Example:

SecRule REQUEST_HEADERS:User-Agent "Test" allow,nolog,id:121

Although nolog implies noauditlog, you can override the former by
using nolog,auditlog.

10% popularity Vote Up Vote Down

Feed

: How do I make Apache stop logging " ModSecurity: Access denied"? I have Apache set up on a Linux server and have mod_security enabled. I have a few lines that look like: SecRule REQUEST_URI

More posts by @Tiffany637

: Google search results show my title incorrectly twice Does anyone know why Google shows my title twice in search results? And it's the wrong title too. Here's a screenshot:

: How to implement hreflang on a single domain? Large amounts of a company's (English) content are duplicated across the following ccTLDs: example.co.uk example.com example.au example.ie example.co.nz

: Should I use rel="nofollow" for social media links? The question here is whether I'm passing juice to my Facebook, Yelp pages etc. I do want those pages to rank higher than those of competitors,

: Are there disadvantages an literal + instead of an encoded + (%2B) in an URL? A client of mine has a product ending with a plus-sign (e.g. Google+) and would like the webpage of this product

Login to post a comment!

1 Comments

Back to top | Use Dark Theme